HTTPS/SSL - what's considered a "hack" and what isn't?

[purps]

Discussed this briefly with merkur2k, bongowongo and golgoj4 (I believe?) on IRC, but I wasn't quite sure what the conclusion was, so wanted to open the discussion up on the forums.

I am experiencing this problem http://forum.linuxmce.org/index.php?topic=11719.0, but we discovered it's because I stupidly chattr +i'ed /etc/apache2/sites-available/pluto. The reason I did this was because I was losing my HTTPS settings whenever the core was rebooted.

My question: Referring to this page http://wiki.linuxmce.org/index.php/HTTPS, what's fine to do, and what's not recommended? Obviously the chattr command was a silly thing to do (and I have removed this instruction from the wiki page), but I just wondered if there was anything else I should avoid doing? I'm going to restore my system to a previous (working) image, and want to know if I'm doing things right with regards to HTTPS setup.

Alternatively, is there another method of accessing my web orbiters externally in a secure manner?

Cheers,
Matt.

[merkur2k]

in a general sense, anything you have to adjust manually that seems like it should be part of the system is considered a hack. now, workarounds are fine too, if the problem is also reported and any instructions for the workaround clearly indicate as such and contain the ticket number.
for this specific case, a core_input firewall rule for port 443 just needs to be created. thats it.

[purps]

Thank you for the reply, and the clarification.

OK, so if I restore my system to a previous image, and then update/upgrade, all of this will be in place?

What I don't understand (and I think I mentioned this in IRC) is how does the dyndns address that I set up fit into all this? Surely that information has to be entered in somewhere?

Cheers,
Matt.