[Owasp-Malaysia] The Best, Secure and lightier HTTPD

Mohd Syamsuri msyamsuri at gmail.com
Mon Sep 27 10:43:19 EDT 2010


I agree with you Mr. Ang

" It's not the webserver software that's usually not secure, but what you
run on it "

I have run several lighttpd webserver and the problem is not on the lighttpd
but the system or cms that run on it.
joomla, drupal or others cms have a hole on it.

Everyone have the source code and our job is to patch and keep it secure.

no matter what os you install, what type of web server you are using, always
keep your eye open.


On Mon, Sep 27, 2010 at 2:02 PM, Ang Chin Han <ang.chin.han at gmail.com>wrote:

> On Mon, Sep 27, 2010 at 12:07 PM, Muzamir Mokhtar <muzamir at pahang.gov.my>
> wrote:
> > Salam,
> >
> > I would like to know which one is the best, secured (not 100%) and
> > light httpd?
> > I got some of them. If any of you got others version please do advice me.
> >
> > Apache -  the origin
> > Lighthttpd - http://www.lighttpd.net/
> > nginx - http://nginx.org/
>
> For what it's worth, we run a number of nginx webservers as a
> frontend, apache for backend. Good performance for nginx.
>
> But  more importantly for security, you need to look at what type of
> websites you are running. I'll hazard that most mature webserver
> software is secure for static sites, so it doesn't matter. When you
> have running other things, e.g. PHP, fastcgi, mod_python, etc is when
> things get insecure. E.g. please don't run phpmyadmin or phppgadmin on
> a publicly accessible website/server. Patch your Joomla, Wordpress,
> Drupal where possible.
>
> tl/dr: It's not the webserver software that's usually not secure, but
> what you run on it.
> _______________________________________________
> Owasp-Malaysia mailing list
> Owasp-Malaysia at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> OWASP Malaysia Wiki
> http://www.owasp.org/index.php/Malaysia
>
> OWASP Malaysia Wiki Facebook
> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>



-- 
best regard
syamsuri
Mynux Solutions
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-malaysia/attachments/20100927/6f17c91f/attachment-0001.html 


More information about the Owasp-Malaysia mailing list