Hi Luigi, Surely it is safest for all if an item of installed software is disabled on all fronts unless specifically enabled for a particular site? It's all about reducing the 'surface area' of servers these day's isn't it? :-) If Drupal has a security issue, I'd rather have one vulnerable website instead of having all sites on a server vulnerable.
I am aware of how to disable it globally and enable for individual sites, which is what has been done on my server. We shall have to agree on disagreeing in this case. Regards Kyle On Tuesday 27 November 2007 09:21:22 Luigi Gangitano wrote: > Hi Kyle, > I'm sure you noticed that /etc/apache2/conf.d/drupal.conf is a > configuration file that can be easily modified or deleted and drupal > will keep your version between upgrades. It is provided as an easy way > to set up drupal on a single host with no virtual hosting and any > administrator with little experience in Apache configuration can disable > it an configure host-specific directives. > > > So I don't consider this a bug, as I don't consider a bug choises I do > in default squid configuration. You can always change them in your > configuration file if you wish. > > Regards, > > L -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
