Seeking Zope/Plone hosting and Systems Administration

Ken Malone ken at malones.org
Wed Jun 16 16:28:34 PDT 2004



> That means that you can take the average Zope server serving content at
> http://my.dom.ain and go to http://my.dom.ain/manage to get the management
> interface.

We use a Zope access-rule script for loading Plone as the root page and
mapping the management path to a firewall-protected high port. There
are also ways to configure IP authentication entirely within Zope. I
certainly agree with you about proxying since Apache has many security
and scalability advantages over Zope's native web service.

Ken

> You'll get prompted for a password, of course, but ... I don't
> like the fact you get that close.  Worse, it's somewhat difficult to deal
> with this because /manage is not the only 'management' URL -- most actions
> in Zope are done through URLs (I wrote a Zope exporter/importer at my last
> company that took advantage of this).
> 
> Now, it may be that logging in through Zope's mechanisms is required for
> you and so you're going to have to make it available to the world.  If it
> is not, however, I'd strongly urge you to proxy it behind Apache and use
> ProxyMatch to make sure people don't access the management interface (e.g.
> http://app.inorganic.org/manage).
> 
> Thus ends AnswerMan's retort to your question.
> 
> (There are other reasons I don't like Zope, but they're mostly
> development-based, rather than sysadmin-based)
> 
> -roy
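
An added example, not part of the original message or thread: an Apache reverse-proxy configuration along the lines discussed above, with management URLs refused on the public site and reachable only through a separate high port. It uses LocationMatch with Apache 2.4 access directives rather than the ProxyMatch named in the quoted message; the ports, the admin network range, the Zope listener on 127.0.0.1:8080 and the VirtualHostMonster object in the Zope root are assumptions.

```apache
# Added example. Assumes Apache 2.4 with mod_proxy and mod_proxy_http,
# Zope bound to 127.0.0.1:8080 only (not reachable from outside), and a
# VirtualHostMonster object in the Zope root so that generated links use
# the public host name. Host, ports and address range are placeholders.

# Public site: content only.
<VirtualHost *:80>
    ServerName my.dom.ain

    # Reverse proxy only; never act as an open forward proxy.
    ProxyRequests Off

    # Zope management screens are methods whose names start with "manage"
    # (manage, manage_main, manage_workspace, ...) and can be appended to
    # any object's URL, so match that name as a whole path segment at any
    # depth. "/management-team" is not matched. This covers the "manage"
    # prefix only; other sensitive URLs need their own rules.
    <LocationMatch "(^|/)manage(_[^/]*)?(/|$)">
        Require all denied
    </LocationMatch>

    ProxyPass "/" "http://127.0.0.1:8080/VirtualHostBase/http/my.dom.ain:80/VirtualHostRoot/"
</VirtualHost>

# Management access: separate high port, limited to an admin network here
# and additionally filtered at the firewall.
Listen 8090
<VirtualHost *:8090>
    ServerName my.dom.ain
    ProxyRequests Off

    <Location "/">
        # 192.0.2.0/24 is a documentation range; substitute the admin network.
        Require ip 192.0.2.0/24
    </Location>

    ProxyPass "/" "http://127.0.0.1:8080/VirtualHostBase/http/my.dom.ain:8090/VirtualHostRoot/"
</VirtualHost>
```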