That is the point but if you make the database server accessible from the Web server, anybody that hacks the Web server, can hack the information in the database server, making having the two servers pointless.
Not necessarily. There are a number of things that one can do to protect the second machine. The first one can be limited to whatever requests the Web server was allowed to make. So, data on the second server can be secured.
I've seen it done where the connection between the web and data servers was made using SNA instead of TCP/IP to increase security. Regardless of protocols, the database server can be configured to only accept certain requests from the web server, and none at all from outside the trusted network.
IBM markets an iSeries server that allows you to configure multiple servers in one box. You can have different physical servers, or different logical servers, or a mix. By configuring separate web and data servers, you can dramatically increase security.
It just takes a little planning.
-- Chris Rehm [EMAIL PROTECTED]
For all the law is fulfilled in one word, even in this; Thou shalt love thy neighbour as thyself.
Gal. 5: 14
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
