Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Database Web Application Topology

Posted on 2008-10-06
9
Medium Priority
?
518 Views
Last Modified: 2009-04-22
what is the best and most secure topology for a database driven web application? Is there a best practice?
0
Comment
Question by:0pt1mus
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
9 Comments
 
LVL 51

Accepted Solution

by:
ahoffmann earned 252 total points
ID: 22664848
1. web server, application server and database server are in DMZ
2. if you have one physical machine for each server, depends on your topology and the work you're willing to configure and maintain several servers
3. the database is read-only by the web/application server
4. you have a good concept of users and (access) roles for the database

hope this helps for starting ...
0
 
LVL 143

Assisted Solution

by:Guy Hengel [angelIII / a3]
Guy Hengel [angelIII / a3] earned 252 total points
ID: 22666292
>1. web server, application server and database server are in DMZ
web server: yes.
the application server and database servers: not necessarily. in regards to the db server, if it is there, it should "only" be a replication. of the actual database

>3. the database is read-only by the web/application server
well, that would be non-sense for a read/write web application?!!!


0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 22666523
> .. db server, if it is there, it should "only" be a replication. ..
yes, that's what my "read-only" implies

> that would be non-sense for a read/write web application?
agreed, but the question only says:
> .. for a database driven web application?
this reads to me that the web content is driven by the databese, not the database content by the web application. Need some clarifications here.

Anyway, even if the database is modified by the web app, ist should be in the DMZ, otherwise you open the door to you network by insecure web apps, think of SQL injection, various kinds of code injection, ...
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 143

Expert Comment

by:Guy Hengel [angelIII / a3]
ID: 22666536
sql/code injection is solved by secure web server/correct code, and not by the web/db server in the dmz or not.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 22666569
> .. solved by secure web server/correct code ..
:-)

The question was about "best practice", then isolating services is defence in depth (as I've never seen secure code, 95%++ web apps are vulnerable, somehow, today ...)
0
 
LVL 143

Expert Comment

by:Guy Hengel [angelIII / a3]
ID: 22666834
>as I've never seen secure code, 95%++ web apps are vulnerable, somehow, today ...
that's right. however, I don't remember having seen a 100% read-only web application, until now, on the other side, so you HAVE to make the db read-write.
0

Featured Post

Use Filtering Commands to Process Files in Linux

Learn how to manipulate data with the help of various filtering commands such as `cat`, `fmt`, `pr`, and others in Linux.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While opting for any web-to-print solution, you need to discuss with your team and some of your end users and know their opinions about your decisions. In this article we list down some questions you need to ask yourself.
Without even knowing it, most of us are using web applications on a daily basis.  In fact, Gmail and Yahoo email, Twitter, Facebook, and eBay are used by most of us daily—and they are web applications. We generally confuse these web applications to…
Use Wufoo, an online form creation tool, to make powerful forms. Learn how to choose which pages of your form are visible to your users based on their inputs. The page rules feature provides you with an opportunity to create if:then statements for y…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question