- Q: server security
- A: No protection against HTTP GET DoS. Check the ban early in the CGI; write only after successful login. Allow filesystem access to the web server user. Mark files inside app/ read-only.
- Use filesystem directories to manage access and permissions.
- Exception 1: write app/var/lock/ban.cdb
- Exception 2: allow search via CGI.
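
One way to check the read-only rule and its first exception, as an added example that is not part of the original notes. It assumes "read-only" means no write bit for owner, group or other; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit that files under app/ are read-only, apart from the
# one write exception the notes name (app/var/lock/ban.cdb).
# Assumption: "read-only" means no write bit for owner, group or other.

# list_writable_app_files ROOT
# Prints every regular file under ROOT/app that has any write bit set,
# except ROOT/app/var/lock/ban.cdb. One path per line, sorted.
list_writable_app_files() {
    root=${1:?usage: list_writable_app_files ROOT}
    [ -d "$root/app" ] || { echo "no app/ under $root" >&2; return 2; }
    # -perm -NNN matches when all listed bits are set; the three tests
    # together mean "owner, group or other may write".
    find "$root/app" -type f \
        \( -perm -200 -o -perm -020 -o -perm -002 \) \
        ! -path "$root/app/var/lock/ban.cdb" -print | sort
}

# audit_app ROOT
# Returns 0 when the tree matches the policy, 1 when some file is
# writable outside the exception, 2 when ROOT/app is missing.
audit_app() {
    found=$(list_writable_app_files "$1") || return 2
    if [ -n "$found" ]; then
        printf '%s\n' "$found" | sed 's/^/writable outside exception: /' >&2
        return 1
    fi
    return 0
}
```

Run `audit_app /path/to/site` from a deploy or cron job and treat a non-zero status as a failed check.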