On Fri, 2007-10-05 at 15:13 -0500, Les Mikesell wrote: > Guy Fraser wrote: > >> > >> Under Linux they can do what they want, but they are too cheap to hire > >> someone who has clues and can do it securely. > > > > That is a very valid issue. It takes a fair amount of time to design a > > hardened web server. > > Why does such a thing have to be designed more than once? > Ask the developers? If PHP, Perl, Apache and the FTP server were configured in a hardened way, we would not have had to reconfigure them as much as was needed. Now we pretty much use a cookie cutter on new servers. A lot of time was required developing an application to maintain access accounts and sites.
