I think #1 is your best option esp if the php script only does reads on the db. I think the separation of the php app and the db is more for scalability but in low traffic sites having the 2 components on the same host can perform even better than having them separate as data doesnt need to travel over the network.
Johann On 4/19/11, Michael Janapin <[email protected]> wrote: > Hello, > I just want to ask the best way to do this. > > We have a MySQL server that is accessible only within our local subnet, > which is of course, behind a firewall. > > Now we have a website hosted abroad where I'm planning to put some php pages > to access our database after a secure login process. > > I have three options right now that I can think of. > 1. Use our web host's MySQL server as a slave server. > 2. Use another machine within our local subnet as a slave mysql server and > configure the firewall to port forward mysql connection to this machine. > 3. Just configure the firewall to port forward to our MySQL server. > > My hesitation to #3 above is that it looks the most vulnerable to me! (I'm > not really comfortable with just the firewall). > With #2, it would require another machine to run the slave mysql, and might > be too cumbersome to setup. > With #1, I read somewhere that it would be best to separate the location of > the php scripts with the mysql server it is trying to access. > > > The database contains sensitive information (no credit card numbers, thank > God!) and so I'd like a secure way of making it accessible to our valid > users. > > Any tip is greatly appreciated. Thank you in advance. > > -- > Michael R. Janapin > PBTS Baguio City, Philippines > http://mulingsilang.wordpress.com > http://www.pbts.net.ph > -- Sent from my mobile device _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
