In the past I had set up access of my SSL enabled web server to be restricted to ceretain IP addresses by putting IP restrictions in the httpd.conf file. Running Mac OS X server I see my options as putting the restrictions in either the appropriate .conf file in the /etc/httpd/sites directory or by setting up rules in the firewall in server admin.
It seems to me that the better choice is in the Firewall function through Server Admin. The firewall rules can be edited there and as attacks on the server are monitored one could more easily use the firewall to keep out intruders for the other services as well. I have a low volume server, so computing overhead is a non-issue on any setup I may choose.
Any thoughts on this?
.
.
Comments are closed