Your software is only as secure as your configuration defines it to be. Defective configuration settings are an extremely common cause of security holes, and are easy to take advantage of.