[Zope] I got it!
glyph@twistedmatrix.com
glyph@twistedmatrix.com
Tue, 29 Feb 2000 13:39:36 -0500 (EST)
After much struggling ... the docs REALLY REALLY must be improved ... I
finally understood what zope was for yesterday, in a spectactular
epiphany!
After installing PyGreSQL and mucking about with some dtml-in
statements, I am hooked. Addicted. Zope is The Only Way To Web... (I
think I'll be keeping my personal website outside of it, but mainly
because I *want* my personal website to be crufty and poorly designed...
that's what makes it personal ^_^)
However, this new rush of excitement was tempered by the realization
that I probably couldn't use it for the distributed authoring purposes
that I had hoped I could. Security is a HUGE concern for me: students
from college campuses log in to my server, and many of them are on
networks where sniffers are running. This is not a random paranoid
raving, either: our server has been attacked three times in the past
six months. The attacks succeeded the first time, but we have since
wised up and insisted that everyone connect over SSH only, no telnet,
and Debian keeps us up-to-date on security fixes.
A few questions:
* Is there any way to secure the authentication process that Zope has,
on the wire?
* Can this be done internally to ZServer?
If not, I have had some problems connecting over the Apache thing to
the management interface. I hope that this is resolvable. (Debian
Apache/Zope users?)
Anyway, now that I know what's going on ... zope is AMAZING. I can't
believe how easy it is to set up complex database-oriented websites.
--
______ __ __ _____ _ _
| ____ | \_/ |_____] |_____|
|_____| |_____ | | | |
@ t w i s t e d m a t r i x . c o m
http://www.twistedmatrix.com/~glyph/