NYCPHP Meetup

NYPHP.org

[nycphp-talk] FUNDAMENTALS #1: Site Structure

David Sklar sklar at sklar.com
Thu Sep 4 10:54:44 EDT 2003


> SO, I guess if you're up to
> date on all your patches, security concerns shouldn't influence
> anyone's decision to place includes in location A rather the B.

Being "up to date on all your patches" is a theoretical goal state never
achieved in practice for any signficant length of time. Even if you think
you've installed all of the currently available and relevant patches for all
of the software running on your web server, your database server, your VPN
server, your firewall, your dialup server, your employee desktops, your
coffee maker, and your pet hamster, new vulnerabilities will be discovered
and new patches released.

Security concerns should definitely influence how you organize your site.
Running Apache and/or MySQL in a chroot jail, for example, is still a good
idea even for the patch-vigilant.

David




More information about the talk mailing list