On 06/26/2003 06:01 AM, Siddharth Hegde wrote:
I have tons of other questions going through my mind. I think I should just go and buy a book or something. Any suggestions? I will also be securing the Linux server so any book on this topic also would help (I am sure they are a couple of good books ).
A safer architechture would be to use two machines. One to act as the Web server and the other to process transactions. The Web server would take the orders and request the transaction server to process them.
The transcation server can only be accessed from the Web server. Nobody should be able to reach the transaction server from the Internet. The transaction server machine should have the database server too. The database server should not accept network connections.
No sensitive passwords should be stored in the Web server, only in the transaction server. This way you are more safeguarded against invasions that may happen any time.
As for protecting your scripts, you should do it for instance with Turck encoder that is free but provides similar services to the commercial alternatives.
http://www.turcksoft.com/en/e_mmc.htm
--
Regards, Manuel Lemos
Free ready to use OOP components written in PHP http://www.phpclasses.org/
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
