Oct 05

Build security into your systems part 8

Protecting your databases from web-based attacks
Start by reviewing the security procedures explained in this article thus far.
Always remember that your host computer is both your connection to the outside world and, if unprotected, the outside world’s connection to your internal network. Make sure that you verify the following:
•For web-shared solutions, especially on the Internet, consider configurations with two (or more) computers separating the database from the web publishing components, firewalls, SSL and other standard Internet technologies.
This protects access to your files and protects the communication between web users’ web browser and the server.

•Review settings for remote access, such as file sharing and FTP, to ensure that direct access to upload or download files from the host computer are restricted in a manner that prevents inappropriate access to your files.

•When you host a database using TCP/IP, you might be allowing uninvited visitors access to your host computer and internal network. A firewall is essential to separate your network and protect files “behind the firewall,” which prevents users on the outside of the firewall from accessing any TCP/IP addresses that you have not exposed.

Leave a Reply