Re: [PHP] Out source files



On Mon, March 19, 2007 1:46 pm, Manuel Vacelet wrote:
2007/3/19, Richard Lynch <ceo@xxxxxxxxx>:
On Mon, March 19, 2007 12:46 pm, Manuel Vacelet wrote:
I would like to know if there are some common patterns to "out source" the files served by a LAMP stack.

Technically speaking I would like to store my files (application data) on another machine than the one that runs my PHP app. (as I already do with MySql).

The best would be to use a secure connection between my app. server and the storage one (communication can be tunneled in SSH though).

For a media rich site, it's super common to move the images (or other large-size files) off to a different server, with the hard drives and OS tuned for large files. (Or for small files, if they are, say, email bodies or somesuch.)

This works especially well for content that is acquired by the visitor through a separate HTTP request anyway.

What sort of application data are you looking at, though?...

Oops, forgot to make my request precise ;)

I don't want the user to perform a direct connection to another server.
It's not a matter of performance but security.

It's often recommended in some security guidelines to not store
application data on the same server as the one that runs the
application (for instance to avoid an Apache or PHP failure exposing your
files directly to anyone, or letting a user execute a file she uploaded
thanks to another hole in other software).

This is already possible with any DB to have a second server and to
connect to this server through an SSL tunnel. I would like to have the
same approach for all the files not in the DB.

Note: obviously, there are security concerns in my request and there
are access rights on the files.

I hope this clarifies my needs.

One common pattern in PHP is to not put the file in the web tree at
all, and write a PHP script with 'readfile' (or fopen/fread/echo loop
for larger files).

You can then control access to the file, and log any kind of stats you
need about accessing the file.

Once you have that, then you can also put the files on some other
server, and use URL fopen to read them, if you like.

I've done that for one site where a webhost I like has limited hard
drive space, and have made it appear as if a Terabyte of music is
available on a 500 meg site.

Or you could use PHP ftp functions to shuffle them around.

Or, if you like, I suppose you could exec scp or something.

It depends more on what you are trying to secure, and why, than it
does on any sort of general principle, really... And just personal
preference on how to do this sort of thing... And your performance
needs are a big factor, sometimes.

--
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?
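
The pattern described in the reply above (file kept outside the web tree, served by a PHP script that checks access and logs the request), as an added example that is not part of the original message. The storage path, the `file` query parameter and the `user_id` session key are assumptions.

```php
<?php
// Added example, not from the thread; STORAGE_DIR and 'user_id' are assumptions.
const STORAGE_DIR = '/srv/appdata/files';  // assumed path outside the document root

/** Map a requested name to a real file inside $baseDir, or null. */
function resolve_stored_file(string $requested, string $baseDir): ?string
{
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    // basename() drops directory parts; realpath() resolves ".." and symlinks.
    $path = realpath($base . DIRECTORY_SEPARATOR . basename($requested));
    if ($path === false || !is_file($path)) {
        return null;
    }
    // Refuse anything that resolved outside the storage directory.
    $prefix = $base . DIRECTORY_SEPARATOR;
    return strncmp($path, $prefix, strlen($prefix)) === 0 ? $path : null;
}

session_start();
if (empty($_SESSION['user_id'])) {         // access control before any file I/O
    http_response_code(403);
    exit('Forbidden');
}

$name = $_GET['file'] ?? '';
$path = is_string($name) ? resolve_stored_file($name, STORAGE_DIR) : null;
$fh = $path !== null ? fopen($path, 'rb') : false;
if ($fh === false) {
    http_response_code(404);
    exit('Not found');
}

// One log line per download, usable for access statistics.
error_log(sprintf('download user=%s file=%s', $_SESSION['user_id'], basename($path)));

header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . rawurlencode(basename($path)) . '"');
header('Content-Length: ' . filesize($path));
header('X-Content-Type-Options: nosniff');

// fopen/fread/echo loop: sends 8 KB chunks instead of loading the file whole.
while (!feof($fh)) {
    echo fread($fh, 8192);
    flush();
}
fclose($fh);
```

Because uploaded files are only ever read and echoed by this script, never reached through a URL the web server maps to them, the web server cannot be made to execute them.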