Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

But "broken your blog" could mean "shell access to your blog server" -- is there no risk of illegal activities happening on that server that put the owner at risk? Like, I don't know, drug trade or child porn or whatever?


Anecdotally, I can't remember ever hearing about someone getting in real trouble because their server got popped and someone else used it for crime.


Philosophically: L'État, c'est moi, build your crappy cgi scripts with nginx or apache all from the CLI and all in vim and you will understand.

Practically: Ports 22, 80, and 443 open and directly accessible from 0.0.0.0/0 is extremely manageable.


Why would anyone today leave port 80 open? I do https by default even for my blog.


For me personally it's just old configs I have that redirect from port 80 to 443. You're right though - probably unnecessary in this day and age.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: