Zope on Port 80
Peter Hansen
peter at engcorp.com
Tue Jan 14 17:35:39 EST 2003
Elias Ponvert wrote:
>
> Apologies if this is a FAQ, I've not seen it anywhere.
>
> Is there any reason _not_ to run Zope on port 80 of, say,
> mymachine.foo.com? Assume that I'm OK with mymachine only running
> Zope. Are there other reasons? Security? Caching?
A process has to be root, at least initially, to bind to port 80 (or
any port below 1024) under Linux. That in itself might pose security
risks for you.
My own approach has been to bind Zope to another port as a safer
user, but use iptables and port-redirection to make it appear
as though it's on port 80. Not sure just how much "better" this
might be, but it _feels_ safer.
I wouldn't imagine there are any particular issues with caching
etc., at least not that are unique to port 80.
-Peter
More information about the Python-list
mailing list