Changing SSH and Apache ports

Dotan Cohen dotancohen at
Fri Dec 16 11:45:11 UTC 2005

On 12/16/05, Tim <ignored_mailbox at> wrote:
> On Thu, 2005-12-15 at 23:51 +0200, Dotan Cohen wrote:
> > You mention that this is not so important for http as it is with ssh.
> > Is this because apache is harder to compromise, or because if it is
> > compromised it is less dangereous? Most of the 'attacks' I get in my
> > apache log files are windows exploits.
> That will have something to do with it, but I'd hazard a guess along the
> following lines:  Breaking into your SSH server allows them to do
> anything that you can do at the CLI.  Breaking into a secure web server
> only allows them to do whatever exploits can be done to the webserver.

I suppose that if I'm not running anything other that my own
self-brewed php scripts (and assuming that they are secure), that
there is nothing exraordinary to worry about with apache- so I have
decided to leave it on port 80. Apache is used on millions of
webservers, so I guess that I have little to be paranoid about if all
those sysadmins with years of experience are comfprtable running it!

As for securing my own scripts, that is a different subject. Maybe I
wil dig through the php-general archives on that one.




More information about the fedora-list mailing list