Re: [PHP] Out source files

From: manuel.vacelet@xxxxxxxxx ("Manuel Vacelet")
Date: Mon, 19 Mar 2007 19:46:27 +0100

2007/3/19, Richard Lynch <ceo@xxxxxxxxx>:

On Mon, March 19, 2007 12:46 pm, Manuel Vacelet wrote:
> I would like to know if there is some common patterns to "out source"
> the files served by a LAMP stack.
>
> Technicaly speaking I would like to store my files (application data)
> on another machine than the one that runs my PHP app. (as I already do
> with MySql).
>
> The best would be to use a secure connexion between my app. server and
> the storage one (communication can be tunneled in SSH though).

For a media rich site, it's super common to move the images (or other
large-size files) off to a different server, with the hard drives and
OS tuned for large files. (Or for small files, if they are, say,
email bodies or somesuch.)

This works especially well for content that is acquired by the visitor
through a separate HTTP request anyway.

What sort of application data are you looking at, though?...

Ooops, forgot to precise my request ;)

I don't want the user to perform a direct connexion to another server.
It's not a matter of performances but security.

It's often recommended in some security guidelines to not store
application data on the same server than the one that runs the
application (for instance to avoid a apache or php failure expose your
files directly to anyone, or to let user execute a file she uploaded
thanks to another hole in another software).

This is already possible with any DB to have a second server and to
connect to this server through an SSL tunnel. I would like to have the
same approach for all the files not in the DB.

Note: obviously, there are security concerns in my request and there
are access rights on the files.

I hope this clarify my needs.

-- Manuel
.

Follow-Ups:
- Re: [PHP] Out source files
  - From: "Richard Lynch"

References:
- Out source files
  - From: "Manuel Vacelet"
- Re: [PHP] Out source files
  - From: "Richard Lynch"

Prev by Date: RE: [PHP] Can't get PHP errors to display or log consistently
Next by Date: time or date picker ?
Previous by thread: Re: [PHP] Out source files
Next by thread: Re: [PHP] Out source files
Index(es):
- Date
- Thread

Relevant Pages

security-basics Digest of: get.123_145
... VPN to ASP a security risk? ... Re: Multiple IPSec tunnels? ... Subject: Security NT Server ... VPN to ASP a security risk? ...
(Security-Basics)
<< SBS News of the week - Sept 26 >>
... And he points to the info you need to put the file on the server in the ... at the network perimeter. ... The Symantec Firewall/VPN and the Gateway Security ... by the firewall at risk. ...
(microsoft.public.backoffice.smallbiz)
<< SBS News of the week - Sept 26 >>
... And he points to the info you need to put the file on the server in the ... at the network perimeter. ... The Symantec Firewall/VPN and the Gateway Security ... by the firewall at risk. ...
(microsoft.public.backoffice.smallbiz2000)
Re: << SBS News of the week - Sept 26 >>
... > And he points to the info you need to put the file on the server in the ... > at the network perimeter. ... The Symantec Firewall/VPN and the Gateway Security ... An attacker can exploit these flaws in tandem via specially ...
(microsoft.public.backoffice.smallbiz2000)
<< SBS News of the week - Sept 26 >>
... And he points to the info you need to put the file on the server in the ... at the network perimeter. ... The Symantec Firewall/VPN and the Gateway Security ... by the firewall at risk. ...
(microsoft.public.windows.server.sbs)