lighttpd 1.4.x
https://www.lighttpd.net/
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
60 lines
848 B
60 lines
848 B
================= |
|
Security Features |
|
================= |
|
|
|
------------ |
|
Module: core |
|
------------ |
|
|
|
:Author: Jan Kneschke |
|
:Date: $Date: 2004/08/29 09:44:53 $ |
|
:Revision: $Revision: 1.2 $ |
|
|
|
:abstract: |
|
lighttpd was developed with security in mind ... |
|
|
|
.. meta:: |
|
:keywords: lighttpd, security |
|
|
|
.. contents:: Table of Contents |
|
|
|
Description |
|
=========== |
|
|
|
Limiting POST requests |
|
---------------------- |
|
|
|
|
|
|
|
:: |
|
|
|
server.max-request-size = <kbyte> |
|
|
|
System Security |
|
--------------- |
|
|
|
Running daemons as root with full privileges is a bad idea in general. |
|
lighttpd runs best without any extra privileges and runs perfectly in chroot. |
|
|
|
Change Root |
|
``````````` |
|
|
|
server.chroot = "..." |
|
|
|
Drop root privileges |
|
```````````````````` |
|
|
|
server.username = "..." |
|
server.groupname = "..." |
|
|
|
FastCGI |
|
``````` |
|
|
|
fastcgi + chroot |
|
|
|
Permissions |
|
``````````` |
|
|
|
:: |
|
|
|
$ useradd wwwrun ...
|
|
|