Neal said:
Are you under the impression that somehow you can catch a virus from a
user visiting your website??
My, oh my, you're mistaken. Unless you offer some sort of uplink for that
virus to go through, no, your site is safe from IE users.
Yes, it doesn't matter how insecure the browser is, for the server to catch
a virus there must be a security hole *in the server*.
If there is a security hole in the server, it'll probably be a buffer
overflow exploit, which requires a very specialised knowledge to construct
- there is in all practical terms zero change that a browser could perform
the exploit by accident.
Besides, if your server is UNIX, it doesn't matter how many MS viri you
upload, they can't run.
If you want ultimate security consider running a Java http server, such as
erm... y'know, the one W3C uses for the validation service. Since Java runs
on a VM sandbox it is virtually impossible for an attacker to gain access
to the machine, unless there is a serious security hole in the server AND
the vm - very, very unlikely.