Security

[James Pearson]

Excerpts from Programação-Fabrício's message of 2013-02-18 12:10:44 -0800:
> I was thinking if I install the varnish in a SERVER X and host my files in
> another server SERVER Y, will I have more security?  or it not make sense.
> I have so many problem with malwares in wordpress.

Wordpress has lots of issues because the people writing Wordpress plugins are
usually not terribly educated in web security.

Varnish, otoh, has very smart and experienced people working on it.  It's also
naturally less vulnerable due to the kinds of things it does - SQL injection
and XSS (by far the two most common web vulnerabilities) just don't apply.
Varnish is only pulling minimal information out of requests, and don't execute
them directly or any such nonsense.

Separating out services will always lead to some additional level of security
(after all, someone *could* find a bug in Varnish that leads to arbitrary code
execution), but I wouldn't (and don't) worry about it.
 - P