February 3rd, 2012, 10:55 AM
Apache vs hosting - what is more secure?
My question is about security (my knowledge here is rather basic):
1) is it more secure to run own webserver inside intranet with php, mysql, etc installed? (lets say intranet is well secured). Installation and configuration of that server wuld be done be external company, so I assume they will do that in right, secure way...
2) or is it safer to buy a place inside secure external hosting company where the application would be uploaded - then make allow only for IPs of specific groups of users, etc.
Which solution is better?
-Solution 1 is better in condition of proper server configuration? I understand, that webserver installed inside intranet is invisible from the outside (so it cant be attacked by the outside attackers), unless somebody will get inside that intranet
-Solution 2 - external hosting takes care of security, but in fact in this case appliacation is accessible from the outside
Please advise me if my deduction is correct, and what are your ideas.
February 3rd, 2012, 01:56 PM
Welcome to DevShed Forums, decor.
If you don't need to allow anyone who doesn't already have access to your intranet access to your web app, then keep it internal.
February 5th, 2012, 06:28 PM
Thank for your advise Kravvitz.
Im wondering about installing XAMPP on intranet and place there my web application - to give an access to it for certain users just for testing purposes.
I know, that XAMPP is recommended only for development becouse of default lack security. But instead of buying and configure proffessional machine at first, would it be so unsecure to run XAMPP for couple of days inside intranet, just to see how the web app works?
February 5th, 2012, 10:03 PM
Unless you're worried about someone with authorized access to your intranet gaining more access than they should have on the XAMPP server, I don't know a reason why you shouldn't use it within the intranet.