f90eeb589e
Fixes a remote vulnerability with fastcgi, see: http://www.lighttpd.net/assets/2007/9/9/lighttpd_sa_2007_12.txt http://secweb.se/en/advisories/lighttpd-fastcgi-remote-vulnerability/ |
||
---|---|---|
.. | ||
.footprint | ||
.md5sum | ||
lighttpd.conf | ||
lighttpd.rc | ||
Pkgfile | ||
README |
REQUIREMENTS PRE-INSTALL POST-INSTALL lighttpd runs as a different user ('lighttpd') by default for security reasons. Do the following after installing the port: useradd -s /bin/false lighttpd groupadd lighttpd touch /var/www/logs/access_log touch /var/www/logs/error_log chown lighttpd:lighttpd /var/www/logs/* If you wish to enable SSL support, uncomment the relevant lines in /etc/lighttpd.conf and generate a self-signed certificate: openssl req -new -x509 \ -keyout /etc/ssl/certs/lighttpd.pem -out /etc/ssl/certs/lighttpd.pem \ -days 365 -nodes PRECAUTION