OS X Personal Web Sharing - how safe?

why not set up some webhosting? I mean ASO is $25 a year for 75MB space and 3GB bandwidth or $50/year for 400MB and 10GB bandwidth and they are highly recommended on MR (e uses them, and I do too but only for a short time.)

 

The US Army switched to Macs running MacOS 9/MacHTTP for its webserver back in the day. Today, it runs MacOS X/4D WebSTAR. The Army had been running Windows, but switched to the Mac for security reasons. Personal Web Sharing is an implementation of opensource Apache, the most popular webserver in the World. 4D WebSTAR is the commercial version of pioneering shareware webserver MacHTTP. I am aware of no security advantage one way or the other between 4D WebSTAR and Apache. You may have more pressing security concerns, but Mac webservers work just fine for the US Army.

 

I would not worry about it at all. Regardless of what user you're logged in as when you turn it on in System Prefs, Apache runs under its own unprivileged account, so even if it could be exploited in some way, it would be very unlikely that that attack could result in root access. The version that ships with OS X (Apache 1.3) is old, stable, and well-tested. Just double-check your permissions in your web-accessible folders, give those folders and the files within them no more permissions than they need, make sure they are owned by the proper account (www:www in /Library/WebServer/Documents and you:you in ~/Sites) and you'll be fine.