Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:70038
Return-Path: <ingwie2000@googlemail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 64500 invoked from network); 6 Nov 2013 20:09:33 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 6 Nov 2013 20:09:33 -0000
Authentication-Results: pb1.pair.com smtp.mail=ingwie2000@googlemail.com; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=ingwie2000@googlemail.com; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain googlemail.com designates 209.85.214.49 as permitted sender)
X-PHP-List-Original-Sender: ingwie2000@googlemail.com
X-Host-Fingerprint: 209.85.214.49 mail-bk0-f49.google.com  
Received: from [209.85.214.49] ([209.85.214.49:55498] helo=mail-bk0-f49.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 40/62-50145-DF1AA725 for <internals@lists.php.net>; Wed, 06 Nov 2013 15:09:33 -0500
Received: by mail-bk0-f49.google.com with SMTP id w14so2088bkz.8
        for <internals@lists.php.net>; Wed, 06 Nov 2013 12:09:30 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=googlemail.com; s=20120113;
        h=content-type:mime-version:subject:from:in-reply-to:date:cc
         :message-id:references:to;
        bh=ts8VIvRlZjiz1vrm9h8QMFZsxjTggSCneAz+M2kjJ7w=;
        b=nBK1xTKoTnQazrnPaV2Xg6/rO9hTLOgZ1j/aEnYfkKipFdWOUt/KAPRF/VDFC1PROp
         iBTiZap+OXpn8DmEBzJPOzGKnGc9YCyfn7fa/3bVy3Ny/KZosdvzTbg3JZNCpXrq9Wkp
         jGfbmNC39b8xKRdP0YCVoyVgJFQJ9bU+QeRdxmfpsTAYIgc41/fEtH6S3oAXltc/ct9H
         pmS9h6hiY3XRAjoYxCRlw4bL3pOnL4Myo0IrjrK6yrSkCoWx1+MilmNxQ0VA0ByU8IFb
         DPvulMBOXEqD+kqLYbIy3rxVYwSfis1oS5ljmOJc2OQeVr/QQwszGuAwwalcmwojAPle
         e4Nw==
X-Received: by 10.204.230.68 with SMTP id jl4mr3705844bkb.3.1383768570092;
        Wed, 06 Nov 2013 12:09:30 -0800 (PST)
Received: from [192.168.200.19] (dslb-188-097-113-076.pools.arcor-ip.net. [188.97.113.76])
        by mx.google.com with ESMTPSA id ny10sm24721929bkb.17.2013.11.06.12.09.29
        for <multiple recipients>
        (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
        Wed, 06 Nov 2013 12:09:29 -0800 (PST)
Content-Type: multipart/alternative; boundary="Apple-Mail=_888CBBD2-E687-4CA4-94DD-EAB2D1115F8D"
Mime-Version: 1.0 (Mac OS X Mail 7.0 \(1816\))
In-Reply-To: <CAGa2bXZBuXXyUc=1zEiw=-CtE82DHYhc+C8m_w5Z4ubw-U6oxg@mail.gmail.com>
Date: Wed, 6 Nov 2013 21:09:28 +0100
Cc: Adam Harvey <aharvey@php.net>,
 PHP internals <internals@lists.php.net>
Message-ID: <4831191E-117E-4AEA-9532-8CC344A855E5@googlemail.com>
References: <60B9BBE0-BC3F-490A-AD78-9EBC22C808CF@googlemail.com> <CAGa2bXZ1XVf0HZ4oQ8r0gsaw6UmxuQfEquVMcTZjk5wfPwqcGQ@mail.gmail.com> <CADajX4AXOnOUX2DHf4D7+tTKUNHsCyP2WUz3KkKkxuvChpBKrg@mail.gmail.com> <CAGa2bXZBuXXyUc=1zEiw=-CtE82DHYhc+C8m_w5Z4ubw-U6oxg@mail.gmail.com>
To: Yasuo Ohgaki <yohgaki@ohgaki.net>
X-Mailer: Apple Mail (2.1816)
Subject: Re: [PHP-DEV] CLI Web Server customization
From: ingwie2000@googlemail.com (Kevin Ingwersen)

--Apple-Mail=_888CBBD2-E687-4CA4-94DD-EAB2D1115F8D
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=us-ascii

Hey!

Thank you all for your kind help, now I feel confident using the CLI =
HTTP server, and will very surely be doing so now.

As for the note, I'd have some idea for it:

	Note: Due to the CLI Web server's low security, as it's =
intention wasn't for the internet or productive use, we would suggest =
you to use a more standard webserver such as Apache. However you can use =
it inside a network or for local development, as security concerns may =
not be as high in these areas (that is, if the IP the server is bound to =
is not publicy available).

Kind regards!
Am 06.11.2013 um 21:00 schrieb Yasuo Ohgaki <yohgaki@ohgaki.net>:

> Hi Adam,
>=20
> On Thu, Nov 7, 2013 at 1:45 AM, Adam Harvey <aharvey@php.net> wrote:
> My recollection of the discussion at the time was that part of the
> reasoning behind that note was security: the CLI server was a new
> piece of code, and the public Internet is a pretty hostile place,
> particularly for Web servers. Therefore the intention was to
> discourage users from exposing the CLI server on anything other than
> loopback and private networks.
>=20
> It doesn't sound like that's a problem for Kevin, but I'm pretty sure
> that was part of the context there.
>=20
> I agree.
>=20
> There was security issue in cli server in fact.
> Current documentation is too much. IMHO.
> It may be good time to modify our doc a little.
>=20
> Any objection for making security warning to a note
> that discourages use under internet?
>=20
> Regards,
>=20
> --
> Yasuo Ohgaki=20
> yohgaki@ohgaki.net


--Apple-Mail=_888CBBD2-E687-4CA4-94DD-EAB2D1115F8D--