On Sat, 05 Jan 2008 13:07:47 +0200, viktoras didziulis wrote: > Leaving an open port for remote access to any database would it be > MySQL or Postgress is considered a serious web server security breach > and most providers are aware about this. Besides your data would > never be secure on such an open system - anyone that is able to sniff > your password can drop all your tables, and do even more harm...
That's true; the only thing I'd like to add here is that at least with MySQL (which I'm the most familiar with), when you set up who gets access to the database, you can also identify an IP address "mask" that's authorized; so if its for a select set of people who have static IPs, then you can fully restrict access to only those individuals; if they have dynamic IPs, you can provide a reasonably narrow range of access, and this is of course in addition to the login and password into the database. For the clients I've been working with over the last 4 years, we've only had one unauthorized access (and that was because the 'root' user was accidentally left without an IP address restriction). This is of course with a direct "Rev-on client" to "mySQL-DB-on-remote-server" implementation. As Viktoras suggested, a more secure way is to relay (regardless of database backend). Just my 2 cents, Ken Ray Sons of Thunder Software, Inc. Email: [EMAIL PROTECTED] Web Site: http://www.sonsothunder.com/ _______________________________________________ use-revolution mailing list [email protected] Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-revolution
