database security on the net ; secure access to monitoring servers
I am facing 2 issues before publishing my web application.I have to main questions.
- How to protect a database publicly accessible on the net ?
monitoring serv开发者_开发百科ers will also be on the net.
What is the best secure and flexible way to manage staff's authentications on these monitoring servers ? should I use an LDAP system ? is it more secure to use another domain name for these servers ?
Thanks in advance for helping me :)
I can't tell from your question whether you have a public-facing web application that you need to secure, or if you need to secure a publicly accessible database.
If it is the second, I can't really help (not my area of expertise).
If it is the first, you are asking about a fairly complex topic that can't be answered thoroughly in a forum. I would check out the Open Web Application Security Project (http://www.owasp.org) and start reading up. They have a lot of relevant and very detailed information on securing web applications. Specifically, I recommend that you look at their Development Guide (http://www.owasp.org/index.php/Category:OWASP_Guide_Project#tab=Downloads), it is a great starting point.
精彩评论