1 |
On Thursday 28 May 2009 20:57:08 Mick wrote: |
2 |
> Hi All, |
3 |
> |
4 |
> I am considering running an ecommerce website (php+mysql) on a server which |
5 |
> is already running apache (with a number of virtual hosts) and a couple of |
6 |
> php+mysql driven websites. |
7 |
> |
8 |
> The ecommerce website is meant to be used to process customer payments. I |
9 |
> have not looked into setting up something like this before and I am not |
10 |
> sure where to start. Should I be thinking of chroot jails, multiple |
11 |
> apache/mysql installations, or what else is recommended? How do you do it |
12 |
> in your implementations? |
13 |
|
14 |
A chroot jail is of no real use to you here - it's a development tool and |
15 |
amazingly useful for gentoo installs, but has no real security or process |
16 |
separation benefits. So says Alan - not me, a different one. |
17 |
|
18 |
Your problem will be that only one apache instance can run on port 80. |
19 |
Your options: |
20 |
1. Run the ecommerce apache on a different port. |
21 |
2. Install a second NIC with a different IP and bind each apache to port 80 on |
22 |
it's own nic. |
23 |
3. If you use separate mysqls, run them on different ports. |
24 |
|
25 |
However, it's an e-commerce site so one must state the obvious: |
26 |
|
27 |
You must be out of your mind running an ecommerce site on the same machine as |
28 |
other php vhosts. Please give me the URL so I know never to buy there - I have |
29 |
no way of knowing what those vhosts are, who the webmaster is and how secure |
30 |
they are. |
31 |
|
32 |
So I recommend option 4: |
33 |
|
34 |
Pony up the money for server #2 |
35 |
|
36 |
-- |
37 |
alan dot mckinnon at gmail dot com |