Re: apache and apache-ssl
Jacob S. wrote:
Sorry, I do realize that apache-ssl doesn't secure information by
default, but requiring basic authentication over ssl using a .htaccess
does, and that is the reason I was asking.
Is there really any reason for the apache and apache-ssl packages to
default to using the same server root, document root and system user? It
would seem that there would be more people wanting them as separate
pages and sites for security purposes that they would default to being
different, and those that want them alike can make them alike. Shouldn't
a bug report be filed against one or both packages for this?
I think this is an excellent point!
But before we go doing bug reports, is this a configuration option that's
available under a low priority?
Is it possible that software is not like anything else, that it is meant to
be discarded: that the whole point is to always see it as a soap bubble?