Date: Mon, 27 Aug 2001 07:52:24 -0400 From: "Troy Settle" <troy@psknet.com> To: "Dave" <dave@hawk-systems.com>, "Tom ONeil" <tom.oneil@tacni.com>, "Free" <freebsd-isp@FreeBSD.ORG> Subject: RE: Frontpage Extensions - security and reliability assessment Message-ID: <AFEDKPGHOCJMIDGJGNEPIEHPCAAA.troy@psknet.com> In-Reply-To: <DBEIKNMKGOBGNDHAAKGNCEICIAAA.dave@hawk-systems.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Having run the FP extensions on Apache/FreeBSD since 1996, I can say that if you're careful and read the docs, you can have a safe, secure machine running the FP extensions. In fact, apache+frontpage is probably more secure than IIS+Frontpage. I would recommend building a test box first. Once you've gotten FP installed, try to break it. Chances are that if you do break it, it's going to be due to a misconfiguration on your part. Support is actually pretty easy. After creating a web (IP or Name based) and testing, I create a user for the web and give that username/password to the customer. Make sure he can open the web, then leave it alone. The only time I get a call for support is when I forget to set something within the web configuration (such as the mail-from address), or if a user needs help importing/publishing an existing web site to it's new home. For reliability, frontpage will not compromise this. There's still some boxes from a previous life that are running Apache+FP. One has been up for 521 days and running apache non-stop since 03 Jan 2001, the other has been up over 760 days and running apache since 03 June 2000. Between the two, there are about 280 web sites, most of which are Frontpage enabled. I suppose it would be fair to mention that users can also use FP to publish their web site via FTP, however they lose all FP functionality beyond that. This is what my 'normal' users do when they want to use FP to build their personal web site. HTH, -- Troy Settle Pulaski Networks 540.994.4254 - 866.477.5638 http://www.psknet.com PS: FWIW, I kicked and screamed like a child when my boss first asked me to install FP back in '96. I was NOT a happy camper and I damned near lost my job over the issue. ** -----Original Message----- ** From: owner-freebsd-isp@FreeBSD.ORG ** [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Dave ** Sent: Sunday, August 26, 2001 10:49 PM ** To: Tom ONeil; Free ** Subject: RE: Frontpage Extensions - security and reliability assessment ** ** ** > FWIW - we gave up on FP on FreeBSD and put in a Win2K server. Making FP ** >work on unix felt.... dirty, somehow. ** ** I know, but I feel the same way about putting a Win2k server on ** our network... ** what do you do, offer a Network SLA and then a Win2k Server SLA ** to differentiate ** reliability and security :( ** ** At the same time I get about as much a feeling of "stability" ** from the frontpage ** extensions for *nix as I do from a Win2k server... needless to ** say that isn't ** great. ** ** > We have enough call for other M$ stuff that it became worth it to have ** >a separate machine. ** ** We have not as of yet... pushing the FBSD/Cisco/Redundancy ** aspect of things as ** our "thing" and have been gracefully outsourcing or passing on ** the few customers ** who were dying to work with FP or services on Win platform. ** ** Any positive solutions or feedback from anyone using frontpage ** extensions on ** FreeBSD/Apache? ** ** >> Reviewed Frontpage extensions and a myriad of security, reliability, ** >and general ** >> discontented reports. Have also tracked down some helpful ** resources like the ** >> rtr.com site. ** >> ** >> The general feeling is that adding FP extensions is going to create ** >a security ** >> and support headache. ** >> ** >> Looking for feedback, install suggestinos, particularly good ** >resources, hacks, ** >> patches, and anything else that may help us make an accurate ** >judgement on this. ** >> ** ** ** To Unsubscribe: send mail to majordomo@FreeBSD.org ** with "unsubscribe freebsd-isp" in the body of the message ** ** To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AFEDKPGHOCJMIDGJGNEPIEHPCAAA.troy>