[nycphp-talk] Mom and Pop CC Security
Brent Baisley
brent at landover.com
Mon Jul 22 14:44:46 EDT 2002
In any setup, you want to rule out as many variables as you can. This
ideally means using multiple machines. Your database should not be
directly exposed to the internet, it should be behind a firewall and the
firewall should be set to control what computers can access the database
machine through which ports. That reduces the "variables" considerably
and is fairly easy to implement.
For instance, my setup looks something like this:
internet <-> firewall <--> web & mail servers <--> firewall <--> LAN
On top of all that, you still have your os, web and database security
levels in place. It takes a bit of effort to come up with all the
security policies you want, but once you do, it's easy to maintain.
On Monday, July 22, 2002, at 02:02 PM, Hans Zaunere wrote:
> There are of course many variables,
More information about the talk
mailing list