From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4 X-Google-Thread: 103376,27c24ba68e621eef X-Google-Attributes: gid103376,public X-Google-Language: ENGLISH,ASCII-7-bit Path: g2news1.google.com!news4.google.com!news.glorb.com!border1.nntp.dca.giganews.com!nntp.giganews.com!local01.nntp.dca.giganews.com!nntp.megapath.net!news.megapath.net.POSTED!not-for-mail NNTP-Posting-Date: Thu, 30 Jun 2005 14:56:53 -0500 From: "Randy Brukardt" Newsgroups: comp.lang.ada References: Subject: Re: AWS applications and domain hosting Date: Thu, 30 Jun 2005 15:00:00 -0500 X-Priority: 3 X-MSMail-Priority: Normal X-Newsreader: Microsoft Outlook Express 5.50.4927.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4927.1200 Message-ID: NNTP-Posting-Host: 64.32.209.38 X-Trace: sv3-3NylmX370CKELv2KclqlMjN+z+pz+jp2+q9MZ5nBeSt+RknUqUvtj6Wm9SJby1v3plOIqwEHui5+yy8!SF5u10G+3nNHWFIwUwVuCC2/9UaX3rATVbLqwRIiO7BdaTxF5Amp9hk84xrybAkkmVN1FzaaOcYw X-Complaints-To: abuse@megapath.net X-DMCA-Complaints-To: abuse@megapath.net X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly X-Postfilter: 1.3.31 Xref: g2news1.google.com comp.lang.ada:11782 Date: 2005-06-30T15:00:00-05:00 List-Id: "Jacob Sparre Andersen" wrote in message news:m2mzpc20tu.fsf@hugin.crs4.it... ... > The benefit of running through a proxy are: > > a) You don't have to implement plain handing out of static files > yourself. That's such a trivial task (assuming that AWS includes appropriate handling of HTTP commands) that's it's pretty silly not to include it and avoid extra failure points. > b) Your daemon doesn't have to run as "root" (which is the case, if > you want it to bind directly to port 80 on the system). That must be one of the few advantages of Windows. :-) I run the AdaIC.com server as a service under a heavily restricted user account (it does not have permission to access most of the disk or other partitions or systems). No special permissions changes needed. While Apache is a fine program, if you're doing light-duty work (and almost all web programs outside of Google are light-duty), an all-Ada solution will perform adequately and will be much less likely to break. After all, I believe in security by not having unused services on the system. Generalized systems like Apache simply provide too many "features" of little value to be safe. "Turning off" unused services via a configuration file is much less safe (someone could rewrite the configuration file) than not having the services around in the first place. And every additional program will provide an additional failure point. Randy.