[pmwiki-users] Customer queries
Tegan Dowling
tmdowling at gmail.com
Wed Apr 5 08:24:56 CDT 2006
We have a proposal out to a customer who is asking some security questions
that I don't fully understand. Can anyone enlighten me about how to answer
these?
1) Has the application been ethically hacked? If so by whom and can we
> have a copy of the report?
> 2) Can the application support SSL?
> 3) Does the application have an API? What security is provided through
> this?
(or anyway, suggest a reply other than "I'm too blasted ignorant to be your
provider?")
Regarding question #2, I'm pretty sure that the answer is "PmWiki can if the
host-server can", correct? Searching the mail-list history, I found a post
that mentions using SSL and https, from which I infer that we'd need to ask
our host to do something like "setup apache2 to *only* use the
SSLconnection (so it doesn't respond to http but only https on port
443)".
(That's not a PmWiki setting, right?) Is it phrased correctly, to use as a
request?
I do get the part about setting $ScriptUrl and $PubDirUrl to start with
https once the server is configured so.
Is the answer to #1 no?
Is the answer to #3 no?
Thanks for any guidance!
Tegan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: /pipermail/pmwiki-users/attachments/20060405/be6a009f/attachment.html
More information about the pmwiki-users
mailing list