Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
jrockfl
Posting Yak Master
223 Posts |
 Posted - 2004-10-12 : 08:44:25
|
| We currently are using a Pervasive database with our accounting software. We will be upgrading to MS SQL Server sometime this year. We also have a a dedicated web server that is hosted with another company. I'm thinking about bringing the web server in house.Currently, I do a lot of DTS to transfer data from the local network to the web server, if we host our web site in house, what is a typical setup scenerio? Should I still have a seperate db for the web? For example, I have created a web application that allows customers to view their order history. Right now there is a day delay, because the DTS happens at night. Could I use the main database for viewing order history or should I create a different db and use DTS?How safe is using the main database on the web? |
|
|
jrockfl
Posting Yak Master
223 Posts |
Posted - 2004-10-13 : 14:09:35
|
| anyone? |
 |
|
|
spirit1
Cybernetic Yak Master
11752 Posts |
Posted - 2004-10-13 : 14:29:52
|
safe as u make it... with correct security implementation and data access there is minimal risk IMO.Go with the flow & have fun! Else fight the flow  |
|
|
|
tkizer
Almighty SQL Goddess
38200 Posts |
Posted - 2004-10-13 : 14:33:28
|
| Why not use snapshot or transactional replication instead of DTS?Tara |
|
|
|
derrickleggett
Pointy Haired Yak DBA
4184 Posts |
Posted - 2004-10-13 : 22:27:36
|
It's not Freedom Group is it?  The main security risks between the web server and database server are:1. Improper firewall rules allowing any traffic through to the database server.2. Allowing accounts from the web server to have more access on the database server than absolutely necessary.3. No monitoring on the network to prevent intrusion.If you have db-to-db access, you are already opening up the ports needed for this communication. You would be better off to not even have a database on the web server and just call stored procs on the db server from the web server. The procs are the only objects accounts have access to on the web server. You should also look at using non-standard ports and only allowing access from outside the domain to the db server on that specific port from the specific IP of the web server.An even better solution would be to have an app server setting between the web and db servers. It would serve the information to the web server.MeanOldDBAderrickleggett@hotmail.comWhen life gives you a lemon, fire the DBA. |
|
|
|
|
|
|
SQL Server and Web Server