[ot] if you run a server open to the 'net

After Hours ahclist at afterhoursconsulting.org
Wed Nov 5 07:01:25 PST 2003


Folks,

I know each and every one of us has a secure server here, which is why 
this note is completely unnecessary.  Still, we need every bit of help 
we can get, and I do know ONE of you secretly will read this and say 
"Oh, shi*."  This is for those of us who no longer read the Webstar list 
or may have been under a rock/without a server/on the road for the 
last few months/years.

Recently, I read a nice little tidbit here:  
http://www.tidbits.com/tb-issues/TidBITS-704.html#lnk4   and now see 
this has been posted on the Webstar list, too.   The short version is: 
if you left the webstar 4.x proxy plugin installed and are not using 
it, remove it.

On a related note, Chris Jett and I have been playing with IPNetSentry 
trying to isolate occurrences of unexpected server freezes.  While this 
issue has not abated completely, I think we have enough anecdotal 
evidence to highly recommend installing IPNetSentry 1.3.9 on every 
server open to the public.  It has improved stability quite measurably. 
  If, of course, you have a firewall and it is well-configured, you may 
not have as many worries, but you may still be amazed by what comes 
sniffing into your network.

There can be drawbacks to using IPNS, as it doesn't always like code 
that your users may want to apply to their sites.  For instance, we 
know one insistent developer who 'absolutely must' use nedstatbasic.net 
for the free stats feature.  This triggers a Nimda response from IPNS, 
blocking the visitor IP from the server unless that is disabled.  What 
is that saying about build an idiot-proof solution and a better idiot 
will evolve?

Anyway, food for thought for the small minority of you who didn't 
already know all this.  If you do not have a webserver, then I 
apologize for taking up your time.

Paul Vail
RDUonline.com
webhosting, design and server management


