Am 08. Sep, 2003 schw=E4tzte elemint@cox.net so:

> Does anyone have any insight on the best way to keep a webserver secure i=
n
> a DMZ while still being able to easily update it?  Would a staging server
> running apache be good as the allowed host, so on this staging server it
> would be tested one last time and then sent on to the live server?

I generally encourage using ssh, then pushing stuff up from your revision
management system ( usually CVS ).

Another way is to setup an authenticated page that will go grab a checkout
from the revision management system, in other words: a pull mechanism.

> Would a recieve only cable be a good idea so the server on a seperate nic
> would have a cable where it could recieve only recieve the updated files
> and then implement them?

I think this would be a poor choice for updating the content on the web
site.

ciao,

der.hans
--=20
#  https://www.LuftHans.com/    http://www.AZOTO.org/
#  HERE LIES LESTER MOORE
#  SHOT 4 TIMES WITH A .44
#  NO LES
#  NO MOORE
#        -- tombstone, in Tombstone, AZ