Akara & security
12 views
Skip to first unread message
Luis Miguel Morillas
Jun 6, 2012, 5:59:52 PM6/6/12
to ak...@googlegroups.com
How do you protect akara services from DOS attacks? Is it possible to
make services visible only from localhost?
Regards,
-- luismiguel (@lmorillas)
make services visible only from localhost?
Regards,
-- luismiguel (@lmorillas)
Uche Ogbuji
Jun 6, 2012, 7:39:46 PM6/6/12
to ak...@googlegroups.com
Yes you can just set the interface to loopback-only in the config.
DOS attacks is a separate question. For that one do what most users of specialized servers do: run it behing Apache or Nginx or Lighttpd, and configure these for such security protections. No point reinventing that wheel lower in the stack.
I still owe you answers for other questions. Sorry. my scrambled brain getting in the way.
--Uche
--
Uche Ogbuji http://uche.ogbuji.net
Weblog: http://copia.ogbuji.net
Poetry ed @TNB: http://www.thenervousbreakdown.com/author/uogbuji/
Founding Partner, Zepheira http://zepheira.com
Linked-in: http://www.linkedin.com/in/ucheogbuji
Articles: http://uche.ogbuji.net/tech/publications/
Friendfeed: http://friendfeed.com/uche
Twitter: http://twitter.com/uogbuji
http://www.google.com/profiles/uche.ogbuji
DOS attacks is a separate question. For that one do what most users of specialized servers do: run it behing Apache or Nginx or Lighttpd, and configure these for such security protections. No point reinventing that wheel lower in the stack.
I still owe you answers for other questions. Sorry. my scrambled brain getting in the way.
--Uche
--
You received this message because you are subscribed to the Google Groups "akara" group.
To post to this group, send email to ak...@googlegroups.com.
To unsubscribe from this group, send email to akara+un...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/akara?hl=en.
Uche Ogbuji http://uche.ogbuji.net
Weblog: http://copia.ogbuji.net
Poetry ed @TNB: http://www.thenervousbreakdown.com/author/uogbuji/
Founding Partner, Zepheira http://zepheira.com
Linked-in: http://www.linkedin.com/in/ucheogbuji
Articles: http://uche.ogbuji.net/tech/publications/
Friendfeed: http://friendfeed.com/uche
Twitter: http://twitter.com/uogbuji
http://www.google.com/profiles/uche.ogbuji
Chime Ogbuji
Aug 16, 2012, 6:42:25 PM8/16/12
to ak...@googlegroups.com
Luis or Uche, I have the same need for the second request in this email thread, i.e., to make services visible only from localhost. How specifically do you 'set the interface to loopback-only' in the Akara config?
Thanks
--
Chime Ogbuji
Sent with Sparrow (http://www.sparrowmailapp.com)
On Wednesday, June 6, 2012 at 7:39 PM, Uche Ogbuji wrote:
> Yes you can just set the interface to loopback-only in the config.
>
> DOS attacks is a separate question. For that one do what most users of specialized servers do: run it behing Apache or Nginx or Lighttpd, and configure these for such security protections. No point reinventing that wheel lower in the stack.
>
> I still owe you answers for other questions. Sorry. my scrambled brain getting in the way.
>
> --Uche
>
> > To unsubscribe from this group, send email to akara+un...@googlegroups.com (mailto:akara%2Bunsu...@googlegroups.com).
> To unsubscribe from this group, send email to akara+un...@googlegroups.com (mailto:akara+un...@googlegroups.com).
Thanks
--
Chime Ogbuji
Sent with Sparrow (http://www.sparrowmailapp.com)
On Wednesday, June 6, 2012 at 7:39 PM, Uche Ogbuji wrote:
> Yes you can just set the interface to loopback-only in the config.
>
> DOS attacks is a separate question. For that one do what most users of specialized servers do: run it behing Apache or Nginx or Lighttpd, and configure these for such security protections. No point reinventing that wheel lower in the stack.
>
> I still owe you answers for other questions. Sorry. my scrambled brain getting in the way.
>
> --Uche
>
> On Wed, Jun 6, 2012 at 3:59 PM, Luis Miguel Morillas <mori...@gmail.com (mailto:mori...@gmail.com)> wrote:
> > How do you protect akara services from DOS attacks? Is it possible to
> > make services visible only from localhost?
> >
> > Regards,
> >
> > -- luismiguel (@lmorillas)
> >
> > --
> > You received this message because you are subscribed to the Google Groups "akara" group.
> > To post to this group, send email to ak...@googlegroups.com (mailto:ak...@googlegroups.com).
> > How do you protect akara services from DOS attacks? Is it possible to
> > make services visible only from localhost?
> >
> > Regards,
> >
> > -- luismiguel (@lmorillas)
> >
> > --
> > You received this message because you are subscribed to the Google Groups "akara" group.
> > To unsubscribe from this group, send email to akara+un...@googlegroups.com (mailto:akara%2Bunsu...@googlegroups.com).
> > For more options, visit this group at http://groups.google.com/group/akara?hl=en.
>
>
>
>
> --
> Uche Ogbuji http://uche.ogbuji.net
> Weblog: http://copia.ogbuji.net
> Poetry ed @TNB: http://www.thenervousbreakdown.com/author/uogbuji/
> Founding Partner, Zepheira http://zepheira.com
> Linked-in: http://www.linkedin.com/in/ucheogbuji
> Articles: http://uche.ogbuji.net/tech/publications/
> Friendfeed: http://friendfeed.com/uche
> Twitter: http://twitter.com/uogbuji
> http://www.google.com/profiles/uche.ogbuji
>
>
>
>
> --
> Uche Ogbuji http://uche.ogbuji.net
> Weblog: http://copia.ogbuji.net
> Poetry ed @TNB: http://www.thenervousbreakdown.com/author/uogbuji/
> Founding Partner, Zepheira http://zepheira.com
> Linked-in: http://www.linkedin.com/in/ucheogbuji
> Articles: http://uche.ogbuji.net/tech/publications/
> Friendfeed: http://friendfeed.com/uche
> Twitter: http://twitter.com/uogbuji
> http://www.google.com/profiles/uche.ogbuji
> --
> You received this message because you are subscribed to the Google Groups "akara" group.
> To post to this group, send email to ak...@googlegroups.com (mailto:ak...@googlegroups.com).
> You received this message because you are subscribed to the Google Groups "akara" group.
> To unsubscribe from this group, send email to akara+un...@googlegroups.com (mailto:akara+un...@googlegroups.com).
Uche Ogbuji
Aug 16, 2012, 11:39:29 PM8/16/12
to ak...@googlegroups.com
On Thu, Aug 16, 2012 at 4:42 PM, Chime Ogbuji <chim...@gmail.com> wrote:
This is covered in the boilerplate comments of akara.conf. In particular:Luis or Uche, I have the same need for the second request in this email thread, i.e., to make services visible only from localhost. How specifically do you 'set the interface to loopback-only' in the Akara config?
# where it should place its PID and log files.
class Akara:
# Listen: interface name (optional) and port to listen for HTTP requests
Listen = 8880
# To specify the interface name use this format:
# Listen = "localhost:8880"
Founding Partner, Zepheira http://zepheira.com
Reply all
Reply to author
Forward
0 new messages