I originally posted this under "General Security", seems more approprate here . . .
We are quickly approaching the time when we will deploy our new website which uses PHP and MySQL to store sensitive data. Based on feedback we've received it was decided that we should separate the db server from the rest of the site, which is currently hosted entirely at a public ISP. We will likely use FreeBSD as the OS on our MySQL server box. What do we need to do to secure this MySQL server from intrusions? Others have directed my towards using a firewall or "reverse proxying" but I still need to learn more. I'm hoping for a push in the right direction.
Thanks,
David Rock
We are quickly approaching the time when we will deploy our new website which uses PHP and MySQL to store sensitive data. Based on feedback we've received it was decided that we should separate the db server from the rest of the site, which is currently hosted entirely at a public ISP. We will likely use FreeBSD as the OS on our MySQL server box. What do we need to do to secure this MySQL server from intrusions? Others have directed my towards using a firewall or "reverse proxying" but I still need to learn more. I'm hoping for a push in the right direction.
Thanks,
David Rock