Re: suEXEC witch mod_userdir
Seth Mattinen wrote:
> There are plenty of reasons for ensuring, for example, something doesn't
> walk all over MySQL
Please define "something" and it's consequences.
> or a mail flood doesn't eat up all the resources
For that, you can use a firewall to rate-limit all incoming connections
to all services. Example:
http://git.gplhost.com/gitweb/?p=dtc.git;a=blob;f=debian/dtc-dos-firewall.init;h=7db7c774338d37c80f9e532e9d27a23f747344fc;hb=d25933613b635168079c4fb30ab6c787825a8717
> and take the website down.
That should never happen if your server is well setup.
> Especially if user shell account are permitted on
> the web server.
There is no reason to provide non-chrooted shell accounts. In fact I
don't provide shell accounts at all if I don't know the user, because
you could do too much with them like flood, cpu usage, etc.
Thomas
Reply to: