Forum: Mongrel Security

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Sebastian Hennebrueder (Guest)
on 2008-11-28 05:19
(Received via mailing list)
Hello,

I just setup my first mongrel server behind a apache proxy. I recognized
that a lot of explanation in the wiki and on other external pages
configure mod_proxy to connect to a localhost but simple do not
configure mongrel to listen only on localhost as well. This leads easily
to security issues for unexperienced administrators.
sample doc: http://mongrel.rubyforge.org/wiki/Apache

My proposal is that for the mod_proxy examples the listening IP is
always added. This might encourage to use a local port as default
configuration.

Best Regards

Sebastian Hennebrueder
http://www.laliluna.de
This topic is locked and can not be replied to.