Securing PyDoc and CGIHTTPserver

Peter Hansen peter at
Tue Jul 15 15:03:41 CEST 2003

Jon Schull wrote:
> Peter Hansen <peter at> wrote in message news:<3F13034D.19A4C65 at>...
> >
> > If this is merely a "local webserver interface", then it should bind
> > to localhost only.
> Well, maybe this is how the question should be phrased.  How best to
> securely and reliably "bind to localhost only" (spoof-proofly, etc.)?

Localhost means "localhost" as defined in your /etc/hosts or equivalent
file under Windows, or the address  Basically, don't do a bind
to '' which binds to all interfaces, but 'localhost' or '' and
you won't get external interfaces involved.


More information about the Python-list mailing list