LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   reason for separating web server and database server (http://www.linuxquestions.org/questions/linux-security-4/reason-for-separating-web-server-and-database-server-41526/)

hardigunawan 01-15-2003 12:50 AM

reason for separating web server and database server
 
Hi,

is it better to separate web server and database server to two different host, with a firewall in the middle?

If someone hacked the web server, surely he can read the scripts which contain the uid/passwd to connect to the database server?

markus1982 01-17-2003 09:21 AM

Not only for security reasons it's a better idea to seperate that to two different hosts, if you get under heavy load it will definately be a performance reason!

For the security part it depends what kind of sensitive data you've got in the database ... if it's data like credit card, orders, etc I would definately seperate them. But if the data is just plain dynamic content it doesn't really need to be seperated from a security point of view.


So if you want to install MySQL on the 2nd server (when you have sensitive data in there) install it chrooted like described here


For the firewall something like that would be your configuration:

iptables -A INPUT -i eth0 -s <webserver ip> -p tcp --dport 3306 -j ACCEPT
iptables -A OUTPUT -o eth0 -d <webserver ip> -p tcp --sport 3306 -j ACCEPT

Be sure to LIMIT the MySQL connection to the webserver source ip and do NOT let others access it ;-)

markus1982 01-18-2003 07:31 AM

You should of course also secure the mysql user permissions, so do NOT give the users for your web scripts ALL privileges, just give them the privileges they NEED.

Like Insert, update, etc ... do NOT give them ALTER, DROP, CREATE privilege if it's not required!

unSpawn 01-18-2003 07:55 AM

Also make sure you don't allow public access to administrative stuff like myPhpAdmin and Big Brother. Trawling around for fun (not profit) I've come across many sites where I have access to stuff I shouldn't have access to. The easiest way is to rename the main page, and cover up the dir with a blank (default|index).(ph*|ht*) depending on your servers' defaults. Having authentication for that dir is a better way ofcourse.

markus1982 01-18-2003 08:02 AM

If you need help securing the basic configuration of your webserver let us now ... I've set up Apache v2.0.43 with PHP v4.3.0 and MySQL v4.0.9 as a test development a few days ago ...

markus1982 01-25-2003 01:45 PM

chrooting apache is a real mess, anyways I've created a secure configuration of apache and php which you could take a look at here


All times are GMT -5. The time now is 07:32 PM.