Dan,
First off, you'll need a unique IP for each SSL key. Thus, each credit
card accepting site, and thus, you might want to just have one IP for
each, as 4 isn't that bad. I host nearly 350 sites, and that would be a
little tougher to map out.
As for the file names. I have the practice for various reasons to
maintain a prefix on all Tango files, thus one site's default file might
be us_default.taf and another's might be au_default.taf. Typically this
doesn't bother my clients _too_ much, but they all have something to say
about it. The real reason for this lies in the Tango cache structure.
It's a little complicated to explain, but in some circumstances the
cache can't tell which site a file is for. For your setup, it's not
necessary, however, since you asked about general practices, it wouldn't
hurt either. It also helps when looking at logs and various forms of
debug information.
Also, you should build your sites in the IIS system as Isolated/High
Application Protection, they are little more resilient that way. Also,
if you can, turn off indexing and ASP, they are secuirty risks that you
can close if you don't need those services. Also, don't use the Inetpub
folder and, if you know how, move the t4cgi.dll file to unique location.
All of this will further complicate things for any hacker.
One other tidbit, you should technically have all .tafs, .tmls, and
.tcfs, as well as includes, in a sub folder of the site and that folder
should be execute/script only, no read.
Hope that helps.
Bob Shubert
Tronics
- Advanced Witango Hosting
Dan Stein wrote:
>
> By the fall I will have 4 different sites running off one web Server at the
> school district.
>
> 3 of these will be processing Credit Cards.
>
> None are real high traffic.
> Windows IIS5
>
> 1. do I need separate IP addresses for each site?
> 2. Will it matter if some of the .taf files have the same name?
> 3. What is the "best Practices" guidelines for this.
>
> Dan
> --
> Dan Stein
> Digital Software Solutions
> 799 Evergreen Circle
> Telford PA 18969
> Land: 215-799-0192
> Mobile: 610-256-2843
> FMP, WiTango, EDI,SQL 2000
> [EMAIL PROTECTED]
> www.dss-db.com
>
> ________________________________________________________________________
> TO UNSUBSCRIBE: send a plain text/US ASCII email to [EMAIL PROTECTED]
> with unsubscribe witango-talk in the message body
________________________________________________________________________
TO UNSUBSCRIBE: send a plain text/US ASCII email to [EMAIL PROTECTED]
with unsubscribe witango-talk in the message body
