(Continuation from day before yesterday)

Most sample "configuration files" don't work well as an initial condition, because they are provided with the most severe security configuration.

What I should do is to repeat endlessly the loop between changing configuration file and rebooting with the touch-up.

I know the importance of security though, I also want to claim "why do you want to make the strict configuration file that doesn't make the server work.

Like of me,

- I want to confirm the operation of the server first, even if the server is hijacked.

- I want to think about security problem after I confirm the operation.

I think not a few engineers are existing to think the above.

Even if my lazy works give the other's cyber attach chances, it is my fault absolutely.

No one would deny that my fault.

-----

I want to ask the people who is developing the server software, to add a new type of configuration file "default configuration file with non-concept security"

How do you like the extension ".zaru"?

apache2.conf.zaru, or vsftpd.conf.zaru

Do you want to use the idea of this ".zaru" file that "if you use this configuration file, your server will be hijacked easily, but it works absolutely."

-----

I know that even if a server is hijacked, the server becomes a foot stool and starts other servers, so the contents of configuration files should be strict.

However, I want to say "give me a break" because I have to waste my precious five hours in weekend, just for finding one comment out.