[CentOS] Apache warns Web server admins of DoS attack tool

Les Mikesell lesmikesell at gmail.com
Fri Aug 26 16:05:08 UTC 2011


On Fri, Aug 26, 2011 at 10:37 AM, Always Learning <centos at u61.u22.net> wrote:
>
> Apache creates a default set-up. Default for those who need something
> which 'works out of the box'.

'Apache' is infinitely configurable.  It is the upstream/Centos
distribution that provides a working base configuration that is also
the expected base for a large number of optional packages.

> Apache then gives the creative person the
> facilities to experiment and, as you illustrated, the ability to
> minimise collateral disruption when something goes wrong when changing
> files (like the mouse wheel button pasting copied text into unwanted
> places).

That's kind of irrelevant.  The thing that matters in a distribution
managed by a package manager is that the base and optional components
don't conflict with each other.  In many places the distribution
handles this by splitting what might be one big file into a directory
of included components so each package can manage its own optional
components.  Apache is one of these.  There are a number of web
applications available in the base and 3rd party repos that drop
snippets of apache config into /etc/httpd.conf.d and if you add your
own packages you can do the same without conflict as long as you
choose a different filename.

> Everything in, for example /data, is entire operating system
> independent. Simple. The operating system dependant parts of Apache are
> in the /etc /usr and /var directories, so they can be updated with other
> operating system revisions. Remember the /etc /usr /var directories are
> operating system directories, so we keep non-operating system items out
> of them.

Your are kind of missing the point there.   Do you also think /home
belongs to the OS and put your own files elsewhere?

> If I wanted to move everything to another operating system, for example
> Solaris or BCD, everything in /data will work on the new operating
> system without changes ! Just needs a few quick changes to the operating
> system configuration files. Simple, Easy and Reliable.

That's equivalent to saying you should always install programs from
source tarballs with 'configure; make; make install'.  You can do that
across different platforms, but that's probably much less important to
most people than having automatic updates available from packages
already well tested on your distribution.  Once in a while there is a
good reason to do something that isn't pre-packaged, but even then you
don't have to do it in a way that is incompatible with existing
packages.

-- 
  Les Mikesell
   lesmikesell at gmail.com



More information about the CentOS mailing list