[3817] in WWW Security List Archive
Re: web server's security
daemon@ATHENA.MIT.EDU (Steffan Henke)
Tue Dec 17 07:45:15 1996
Date: Tue, 17 Dec 1996 12:09:31 +0100 (MET)
From: Steffan Henke <henker@informatik.uni-bremen.de>
To: Hsiufang Chen <fchen@mpl.UCSD.EDU>
cc: www-security@ns2.rutgers.edu
In-Reply-To: <9612161621.AA11655@chiton.ucsd.edu>
Errors-To: owner-www-security@ns2.rutgers.edu
On Mon, 16 Dec 1996, Hsiufang Chen wrote:
> Where can I find the material which compares the degree of security in
> setting up a web server among PC, Mac, and Unix machine?
Just ask any of the search engines and you'll find more than you want to.
> Also: IS there a way to find out who(account name) is using the brower
> to brows your web page? From the log file of our web server I
> could only find the machine name/IP address of the client. But
> is there a way to record the user's name to our log file?
I do not recommend it, but Apache has an option to log the username. There
must be an identd running on the client machine so you won't get the user
names of all the Mac and Win surfers.
Nonetheless: leave us just a LITTLE anonymity and don't log usernames.
Regards,
henker
... Our continuing mission: To seek out knowledge of C, to explore
strange UNIX commands, and to boldly code where no one has man page 4.
