-> I'd like to also have a one-box solution, though.
Ooh, that's bad JuJu. Keeping CC#s on the same box as your
webserver?
a) Pray there are no overflows/misconfigurations/etc. on the webserver
daemon.
b) Turn off EVERY other service on that box (even ssh has had a buffer
overflow).
-> > You have a ZCommerce site. You accept credit cards, and securely
-> > communicate with a CC processor to verify the transacton. Now,
Besides Bill's suggestion, keep all your servers behind a good
firewall. One option is to use Linux IP Masquerading, having your
webserver *and* dat