Zope on Port 80

Peter Hansen peter at engcorp.com
Wed Jan 15 06:34:46 CET 2003


Andrew Veitch wrote:
> 
> > Is there any reason _not_ to run Zope on port 80 of, say,
> > mymachine.foo.com?
> 
> On Unix you have to be root to open port 80 and it's better if you can run
> Zope as a user other than root in case of security problems.
> 
> It's not that good an idea to expose Zope to the outside world anyway, I'd
> suggest running Apache on port 80 and re-direct to Zope on localhost:8080

Is this comment based on fear of the unknown, or are there specific
security issues which concern you about exposing Zope to the outside
world.

I ask because I have several Zope servers exposed to the outside world,
and I don't consider them very insecure.  I'd be grateful to learn how
I'm being careless, if I am.

-Peter




More information about the Python-list mailing list