hackalive Posted June 2, 2012 Share Posted June 2, 2012 Hi guys, I have this concept and wanted to know your opinions. So basically there is my web-server offiste and a storage server onsite (two separate locations). To get the web-server to pull content via PHP from the storage server it communicates using SSL over HTTPS. To make it so not just anyone can get the data via the HTTPS path you would also pair the IPs (so ensure static IPs) and also do some form of token handshake (like oAuth but a custom library). Would this be secure? Or not really? Cheers Link to comment https://forums.phpfreaks.com/topic/263542-a-secure-concept-or-not/ Share on other sites More sharing options...
smoseley Posted June 2, 2012 Share Posted June 2, 2012 Relatively secure, but in general not a good idea to open up a secure LAN outside via HTTP. Better idea would be to set up a VPN and configure your remote server to log in to the VPN and access the file server as though it's local. Though you could also just use a firewall to limit remote connections to your web server's IP address. Link to comment https://forums.phpfreaks.com/topic/263542-a-secure-concept-or-not/#findComment-1350675 Share on other sites More sharing options...
hackalive Posted June 3, 2012 Author Share Posted June 3, 2012 Cant do VPNs as I am allowing others to add their server to mine too. Also note it will be SSL and HTTPS Link to comment https://forums.phpfreaks.com/topic/263542-a-secure-concept-or-not/#findComment-1350705 Share on other sites More sharing options...
smoseley Posted June 3, 2012 Share Posted June 3, 2012 Ok, well it should be ok.... I'd still firewall it though. Link to comment https://forums.phpfreaks.com/topic/263542-a-secure-concept-or-not/#findComment-1350723 Share on other sites More sharing options...
hackalive Posted June 3, 2012 Author Share Posted June 3, 2012 so by firewall you mean make sure no incomming or outgoing connections are possible except to the IP of the webserver (do this on the storage server)? Link to comment https://forums.phpfreaks.com/topic/263542-a-secure-concept-or-not/#findComment-1350734 Share on other sites More sharing options...
smoseley Posted June 3, 2012 Share Posted June 3, 2012 Yeah, that'll work. Link to comment https://forums.phpfreaks.com/topic/263542-a-secure-concept-or-not/#findComment-1350740 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.