database security on the net ; secure access to monitoring servers

I am facing 2 issues before publishing my web application.I have to main questions.

1. How to protect a database publicly accessible on the net ?

2. monitoring serv开发者_开发百科ers will also be on the net.

   What is the best secure and flexible way to manage staff's authentications on these monitoring servers ? should I use an LDAP system ? is it more secure to use another domain name for these servers ?

Thanks in advance for helping me :)

I can't tell from your question whether you have a public-facing web application that you need to secure, or if you need to secure a publicly accessible database.

If it is the second, I can't really help (not my area of expertise).

If it is the first, you are asking about a fairly complex topic that can't be answered thoroughly in a forum. I would check out the Open Web Application Security Project (http://www.owasp.org) and start reading up. They have a lot of relevant and very detailed information on securing web applications. Specifically, I recommend that you look at their Development Guide (http://www.owasp.org/index.php/Category:OWASP_Guide_Project#tab=Downloads), it is a great starting point.