[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Apache Configuration
(This subject is off-topic, and I posted the original message only in
order to update the list about cacelling the project of developing a
tool of us. I suggest to continue it in more limited forum).
Stanislav Malyshev a.k.a. Frodo wrote:
> >But I think that the most important model is: using a special port,
> >different than 80. Not only that it is supported by these tools, but
> >as I understood it is even the default. The security is achieved by
> >using a port which is blocked by your router and/or your firewall
> >and/or your UNIX. Although it is not a replacement for the basic
> >methods (since it doesn't block the other internal users), it is a
> >critical method for blocking external intruders.
> >
> Just you shouldn't put too many hope on this blocking. There are methods
> to circumvent this (various bounce/redirect attacks), and internal users
> in big companies (ones that need good GUI more than small ones - because
> one has to configure many servers, etc.) are the biggest security threat
> ;).
Seems you understood what I wrote. As I wrote, relying on the router/
firewall/etc. is not a replacement, but a complementary.
> >The commercial tool requires a frames+tables supported browser.
> >The HTTP/Java tool requires a Java supported browser.
> >
> The thing that I find somewhat silly. Why not to make it lynx-friendly
> (with graphics, etc - but no Java)? If I have server-only system, I would
> have to install JDK or Communicator just to configure my Apache -
> overkill, don't you think so? Not talking about server systems that have
> no X at all... Neglect to this type of systems seems to be common - most
> GUI systems (example - linux distributions, Solaris tools) don't have
> console analogues of it's GUI tools, though it is certainly possible and
> when I have choice, I use only them - it's much more easy-to-use, fast
> and convenient - you have 101 key on keyboard and only 3 on mouse -
> guess what is faster and more flexible? ;).
I think that what you need is a good text editor and that's all. It
is legitimate, but most of the web users need GUI. Ask the staff of
Apache Group what is the main drawback of Apache. Look at the dozens
of the reviews of PC-Magazine, other ZD publications, and many other
reviews: Netscape (and Microsoft!) win Apache consistently, mainly
because of the lack of GUI. currently, half of the web sites use
Apache, but the research companies expect this statistics to be
changed if Apache will not gain a GUI management. Do you know how
many phone calls I get regarding to management of Apache and "why
the hell do we need this ****ing web server?" (I got one today). And
I say it as a man who wrote scalable fonts directly in PS-Type1 (now
I have Fontographer) and created animated GIFs by combining code of C
and of Shell. Anyway, there is already a text based "interface" for
Apache, so these folks don't have to develop it again, but instead -
develop GUI.
> >BTW^2: Meanwhile, I cancel my plans to develop yet another tool. I
> >was not aware of the other tools (as well as 99% of the Apache
> >users. These 3 projects are so unknown and unfamous...). I believe
> And Apache has no link to it, and in the FAQ written: "Q: Can I configure
> apache from my browser? A: No." Period. Publicity, huh?
>From http://www.apache.org/related_projects.html#guidev :
-----------------------------------------------------------------------
Apache Graphical User Interface Project
=======================================
A number of folks have gotten together to work on a graphical
configuration tool for Apache.
Find out more by subscribing to the "gui-dev" mailing list,
by sending mail to gui-dev-request@apache.org with the words
"subscribe" in the body of the message.
Also, visit <A HREF=...>Justin Seiferth's status page</A>
-----------------------------------------------------------------------
Still the commercial tool is not referrenced from Apache, but I
think the reason is that they want the configuration management to
be free, including the source (and contrary to stuff like SSL in
the US which must be commercial).
> >3. Programmable interface (SNMP!).
> Which many of tool users didn't ever heard about ;), not to say know how
> to use it.
You didn't understand: SNMP interface is not *instead* of the GUI
interface - it is *in addition*!
I know that there are some people (most of them secretaries who use
word processors, etc.) who still didn't hear about SNMP, but this
interface is not for people who need GUI, but for *programs* which
need a programmable protocol to interface with the Apache (i.e. with
its configuration management).
> >6. To be included in Apache 2.0 (scheduled to May, but let me be
> > skeptical :-(
> Well, we all know that "scheduled to May" means "maybe it will be ready
> in September" ;).
Read my lips: scheduled to "May" == scheduled to "may be" == "may be"
:-)
And we are still waiting for 1.3...
--
Eli Marmor
marmor@elmar.co.il
El-Mar Software Ltd.