[Zope] ZServer security question
Wed, 26 Jun 2002 21:24:43 +0200
Doug Chamberlin writes:
> I've seen some people advise not placing a ZServer server directly
> accessible on the Internet due to security concerns. I guess the
> recommended practice is to front the Zope service via Apache, et al. I have
> no great objection to this but I'd like to know more about why. Zope,
> itself, appears to this newbie to be reasonably secure with the user_acl
> stuff built in. Are appearances deceiving?
Please search the mailing list archives.
Once, I saw a comprehensive list there...