| 1 |
On Thursday 28 May 2009 21:33:02 Mick wrote: |
| 2 |
> On Thursday 28 May 2009, Alan McKinnon wrote: |
| 3 |
> > A chroot jail is of no real use to you here - it's a development tool and |
| 4 |
> > amazingly useful for gentoo installs, but has no real security or process |
| 5 |
> > separation benefits. So says Alan - not me, a different one. |
| 6 |
> |
| 7 |
> OK, thanks for this to both of you! :) |
| 8 |
> |
| 9 |
> > Your problem will be that only one apache instance can run on port 80. |
| 10 |
> |
| 11 |
> That's no problem. I can run the payment managing website on a different |
| 12 |
> port. |
| 13 |
> |
| 14 |
> > Your options: |
| 15 |
> > 1. Run the ecommerce apache on a different port. |
| 16 |
> |
| 17 |
> Yep, SSL, different port. |
| 18 |
> |
| 19 |
> > 2. Install a second NIC with a different IP and bind each apache to port |
| 20 |
> > 80 on it's own nic. |
| 21 |
> |
| 22 |
> How do you do this? |
| 23 |
|
| 24 |
It' sin the apache docs, called "IP based virtual hosts" if memory serves. |
| 25 |
|
| 26 |
Basically, you'll modify the standard apache init script and make a copy to be |
| 27 |
able to treat two apaches as separate apps. Instead of simply specifying the |
| 28 |
port, specify an IP and a port in the config. You must use different hostnames |
| 29 |
too obviously, and get this info into DNS. |
| 30 |
|
| 31 |
Start apache-1, start apache-2, voila |
| 32 |
|
| 33 |
> > 3. If you use separate mysqls, run them on different ports. |
| 34 |
> |
| 35 |
> I'll need to run them using /usr/bin/mysql --options I guess, rather than |
| 36 |
> using the /etc/init.d scripts, right? |
| 37 |
|
| 38 |
Yup, two configs, two init scripts, two instances. |
| 39 |
Just like apache. |
| 40 |
|
| 41 |
> > However, it's an e-commerce site so one must state the obvious: |
| 42 |
> > |
| 43 |
> > You must be out of your mind running an ecommerce site on the same |
| 44 |
> > machine as other php vhosts. Please give me the URL so I know never to |
| 45 |
> > buy there - I have no way of knowing what those vhosts are, who the |
| 46 |
> > webmaster is and how secure they are. |
| 47 |
> |
| 48 |
> Is the fear that one of these apache vhosts installations will be |
| 49 |
> compromised and then the ecommerce/payment website will get hacked from the |
| 50 |
> inside? |
| 51 |
|
| 52 |
Yes. |
| 53 |
|
| 54 |
You do not ever want people's credit card details exposed or stolen. You need |
| 55 |
to take extraordinary efforts or customers will not trust you. |
| 56 |
|
| 57 |
Any thought you ever have along the lines of "I don't need to do thing X as |
| 58 |
that will not happen" - beware, that's the very time that Murphy makes X |
| 59 |
happen... |
| 60 |
|
| 61 |
> > So I recommend option 4: |
| 62 |
> > |
| 63 |
> > Pony up the money for server #2 |
| 64 |
> |
| 65 |
> Hmm, yes that's what I was trying to avoid. ;-) |
| 66 |
> |
| 67 |
> Would running complete virtual servers to achieve separation be any/much |
| 68 |
> better? |
| 69 |
|
| 70 |
It's almost as good as separate hardware, especially if you have a good |
| 71 |
virtual machine system that gives you complete separation of network |
| 72 |
interfaces - either physical or virtual. |
| 73 |
|
| 74 |
If the box can handle the load, I say go with this approach. You have to have |
| 75 |
an enormous site with heaps of users to outrun an average modern server |
| 76 |
|
| 77 |
-- |
| 78 |
alan dot mckinnon at gmail dot com |
Archives