top | item 45533629

(no title)

moehm | 4 months ago

Yes, but the web server is just reading files from disk and not invoking an application server. So if you keep your web server up to date, you are at a much lesser risk than if you would also have to keep your application + programming environment secure.

discuss

manmal|4 months ago

That really depends on the web server, and the web app you'd otherwise be writing. If it's a shitty static web server, than a JVM or BEAM based web app might be safer actually.

moehm|4 months ago

Uh, yeah, I thought about Nginx or Apache and would expect them to be more secure then your average self-written application.