Re: suEXEC witch mod_userdir

[Thomas Goirand <thomas@goirand.fr>]

Seth Mattinen wrote:
> There are plenty of reasons for ensuring, for example, something doesn't
> walk all over MySQL

Please define "something" and it's consequences.

> or a mail flood doesn't eat up all the resources

For that, you can use a firewall to rate-limit all incoming connections
to all services. Example:

http://git.gplhost.com/gitweb/?p=dtc.git;a=blob;f=debian/dtc-dos-firewall.init;h=7db7c774338d37c80f9e532e9d27a23f747344fc;hb=d25933613b635168079c4fb30ab6c787825a8717

> and take the website down.

That should never happen if your server is well setup.

> Especially if user shell account are permitted on
> the web server.

There is no reason to provide non-chrooted shell accounts. In fact I
don't provide shell accounts at all if I don't know the user, because
you could do too much with them like flood, cpu usage, etc.

Thomas