SQL 2000 Backend Database to Website

  • Hi,

    This is my first post...

    Could you give me help for securing a backend sql server for my website.

    e.g. should i join it to a domain for windows authentication or no use the server's windows authentication.

    any tips e.g. securing services, passwords etc...

  • hello Levi,

    Your question is too general. It all depends on the environment you are running. If you have an Active Directory environment running on IIS then sure Windows Authentication would work. Also what comes into play is the question if your going to be using Asp, Asp.net or even PHP for the web programming? I would look at what existing technologies are avaliable to you and base your decision on that.

    Thanks,

    LEE

     


    lee
    MCSA 2003
    ASP & ASP.net Developer

  • Also, is this website on an intranet or on the internet?

  • Hi,

    It's a backend server for the internet. There is a 2003 AD domain available. The front end server will be running php.

    Any ideas?

     

    Cheers

  • Hello again,

    PHP does have a certain LDAP connector but the question is how your going ot integrate the security into your application? Are you going to assign permission on a page by page basis or would it be a all or nothing type access to your application? From my previous experiences, i used ASP to create a security system that allowed usered to access certain sections of the application. Ofcourse this adds to the development time of the application. Recently I've played with Visual Web Developer 2005 and found its security intergration rather easy to use. It provides a sort of GUI interface into the web.config file which is where windows authenication or form authencation can be assigned. Once again it all depends on which avenue you want to take in the creation of your application.

    Thanks

    Lee  

     

    Edit: here is a lil doc on PHP and Active Directory, i guess call it a starting point. http://www.experts-exchange.com/Web/Web_Languages/PHP/PHP_Windows/Q_21043386.html


    lee
    MCSA 2003
    ASP & ASP.net Developer

  • Hi,

    Thanks for the reply. It will be a single user in every script that connects (the same user).

    I'm not so concernced about db permissions etc, i was thinking more along the lines of disabling services, locking down functions etc & securing the box.

    Although I'm happy with Windows 2003 Server, I just wanted to know what I should be tweaking in SQL 2000.

  • cool cheers

  • As far as hardening a server or SQL installation, first things first, make sure the atches are up to date.  Then check various security resources white papers etc from MS, US-CERT.Gov, sans.org, FBI.gov, csrc.nist.gov, dshield etc.

    To help us help you read this[/url]For better help with performance problems please read this[/url]

  • ...the patches are up...

  • Yeah patches... I knew I should have spent more time with Mavis Beacon...

    To help us help you read this[/url]For better help with performance problems please read this[/url]

  • Can any body Tell me how to put up a MS SQL Data base to a website. Curently I am having an access database as backend. But I have throught of changing it to MS SQL Data base. It would be nice it some body elaborates me the process and steps involved. Also I have another quesion How much record In genreal how much data can an access database hold without significant drop in performance. 

     

    ThankX in advance.

  • I'd suggest you start a new thread for this question so that more persons read it.

    Also performance wise, I can assure you that if access can handle it then sql server most certainly can (assuming that the design is not completly flawed).

Viewing 12 posts - 1 through 11 (of 11 total)

You must be logged in to reply to this topic. Login to reply