17 Nov 2009 @ 1:29 PM 

If varnishd is now started with a -S secret-file argument, user connections are authenticated.

This solves the wide openness of the management access point to varnish. Usual workaround is to simply ssh to a shell on a restricted machine, but if you are running varnish on a system where there is shell access, any user can telnet to the management port and, well, manage varnish (by design).

This solution prevents that situation for hosting providers, and should allow wider deployments on multi-use non-dedicated servers.


Posted By: admin
Last Edit: 30 Dec 2009 @ 12:19 AM

Categories: Varnish Cache


Responses to this post » (None)

Post a Comment

You must be logged in to post a comment.

 Last 50 Posts
Change Theme...
  • Users » 330
  • Posts/Pages » 47
  • Comments » 1
Change Theme...
  • VoidVoid « Default
  • LifeLife
  • EarthEarth
  • WindWind
  • WaterWater
  • FireFire
  • LightLight


    No Child Pages.