Re: blog server
On Wed, 2006-11-01 at 07:36 -0800, Enrique Morfin wrote:
> Hi!
>
> We need a super-secure blog server. This is for
> sharing info in a LAN, just for some users.
>
> How can do this?
>
I really like lighttpd (www.lighttpd.net) , I use pound
( www.apsis.ch/pound/ ) to help sanitize requests and deal with basic
load balancing.
Check out boast machine (www.boastology.com) for a lightweight and
hardened blog. It has a nice community growing around it.
WP/Geeklog/Etc are great, but more popular.. hence 0 day exploits are
more likely to be available for them rather than something a little more
obscure.
All in all, its as strong as apache + modsec without the associated
bloat and overhead for such a specific / simple purpose.
If the machine is only accessible via intranet (LAN), that's half of the
battle won already, you probably do not need to sanitize requests or
have to worry about vulnerabilities discovered in your blog software as
urgently as you would if it were public.
"Lighty" (lighttpd) has decent built in header parsing, I use pound only
because of its simple xml configuration making it easy to import new
expressions to match.
If you need help or a howto to get it going, feel free to post back.
There are some nice tutorials available on their site that should get
you started.
> PS. Any howto for newbies about configuring
> squirrelmail?
>
For basic use its just untar edit the config and you're done. What kind
of setup were you after?
Best,
-Tim
Reply to:
- References:
- blog server
- From: Enrique Morfin <enriquemorfin@yahoo.com>