On Aug 23, 2007, at 11:50 AM, David T. Ashley wrote:
> On 8/23/07, Jason Pruim <japruim@stripped> wrote:
>> I am planning on having the database open to customers of mine to
>> store their mailing addresses on-line, and be able to manage the
>> Is it safe, to have 1 database with lots of tables? Or am I safer
>> setting up separate databases for everyone?
>> I should mention, no one will be accessing the database directly,
>> it'll be through a web interface and php to display it.
> Assuming that the web server runs on the same box as the MySQL
> daemon ...
> you want to firewall the server so that nobody can connect to the
> daemon directly from outside the box. It is also a bad idea to
> allow the
> users to have shell accounts on that box unless you have taken
> security precautions (specifically, being sure the MySQL userid/
> you're using are secure from all but the web server UID/GID, and
> that no
> other userid/passwords have access to the database you're using).
> Once that is done, all access to the database is controlled by the PHP
> scripts, and there is no security advantage to having multiple
> I'm assuming that users have to log in individually (jsmith,
> bjones, etc.)
> and that the PHP scripts then carefully control what each user is
> allowed to
> I'm also going to assume that you've handled all the obvious
> issues, such as:
> a)Database transactions/atomic actions.
> b)Terminating TCP connections and ensuring that each PHP script
> runs to
> completion, anyway, and that the database isn't left in an
> state due to this.
The server is currently firewalled to block all but the necessary
ports from outside the local network.
No user, other then myself, and a few admins on the server will have
The MySQL userid/password will be changed once I go live with it, or
get into the final testing.
What do you mean by "b"? If all the connections come from the local
box how could I configure that to make sure it's all set up so it
won't leave the database all messed up?
3251 132nd ave
Holland, MI, 49424