Table of Contents
Advertisement
Considering Additional Security Issues
Making Additional Changes to Protect Servers
If you want to have both protected and unprotected servers, you should operate
the unprotected server on a different machine from the protected one. If your
resources are limited and you must run an unprotected server on the same
machine as your protected server, do the following.
•
Assign proper port numbers. Make sure that the protected server and the
unprotected server are assigned different port numbers. The registered default
port numbers are:
•
For UNIX or Linux, enable the
The unprotected server should have references to its document root redirected
using
chroot
directories. You'd use this feature to safeguard an unprotected server. For example,
you could say that the root directory is
to access the root directory, it really gets
/d1/ms/dev
system, without giving it access to all the files under the actual root directory.
However, if you use
required by Enterprise Server under the alternative root directory, as shown in the
following illustration:
Figure 5-1
136
Netscape Enterprise Server Administrator's Guide • April 2002 (Draft)
443 for the protected server
80 for the unprotected server
.
chroot
allows you to create a second root directory to limit the server to specific
and so on. This allows you to run the web server on your UNIX/Linux
, you need to set up the full directory structure
chroot
Example of chroot Directory Structure
feature for the document root directory.
chroot
. Then any time the web server tries
/d1/ms
. If it tries to access
/d1/ms
, it gets
/dev
Advertisement
Table of Contents
Need help?
Do you have a question about the NETSCAPE ENTREPRISE SERVER 6.1 - 04-2002 ADMINISTRATOR and is the answer not in the manual?
Questions and answers