#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2012
    Posts
    3
    Rep Power
    0

    Apache vs hosting - what is more secure?


    Hello everybody,

    I'm planning to implement web application written in standard languages: php, mysql, javascript that should be accessible for certain users.
    My question is about security (my knowledge here is rather basic):

    1) is it more secure to run own webserver inside intranet with php, mysql, etc installed? (lets say intranet is well secured). Installation and configuration of that server wuld be done be external company, so I assume they will do that in right, secure way...

    2) or is it safer to buy a place inside secure external hosting company where the application would be uploaded - then make allow only for IPs of specific groups of users, etc.

    Which solution is better?

    -Solution 1 is better in condition of proper server configuration? I understand, that webserver installed inside intranet is invisible from the outside (so it cant be attacked by the outside attackers), unless somebody will get inside that intranet
    -Solution 2 - external hosting takes care of security, but in fact in this case appliacation is accessible from the outside

    Please advise me if my deduction is correct, and what are your ideas.
    Greetings
  2. #2
  3. CSS & JS/DOM Adept
    Devshed Supreme Being (6500+ posts)

    Join Date
    Jul 2004
    Location
    USA (verifiably)
    Posts
    20,122
    Rep Power
    4258
    Welcome to DevShed Forums, decor.

    If you don't need to allow anyone who doesn't already have access to your intranet access to your web app, then keep it internal.
    Spreading knowledge, one newbie at a time.

    Check out my blog. | Learn CSS. | PHP includes | X/HTML Validator | CSS validator | Common CSS Mistakes | Common JS Mistakes

    Remember people spend most of their time on other people's sites (so don't violate web design conventions).
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2012
    Posts
    3
    Rep Power
    0
    Thank for your advise Kravvitz.

    btw:
    Im wondering about installing XAMPP on intranet and place there my web application - to give an access to it for certain users just for testing purposes.
    I know, that XAMPP is recommended only for development becouse of default lack security. But instead of buying and configure proffessional machine at first, would it be so unsecure to run XAMPP for couple of days inside intranet, just to see how the web app works?
  6. #4
  7. CSS & JS/DOM Adept
    Devshed Supreme Being (6500+ posts)

    Join Date
    Jul 2004
    Location
    USA (verifiably)
    Posts
    20,122
    Rep Power
    4258
    Unless you're worried about someone with authorized access to your intranet gaining more access than they should have on the XAMPP server, I don't know a reason why you shouldn't use it within the intranet.
    Spreading knowledge, one newbie at a time.

    Check out my blog. | Learn CSS. | PHP includes | X/HTML Validator | CSS validator | Common CSS Mistakes | Common JS Mistakes

    Remember people spend most of their time on other people's sites (so don't violate web design conventions).

IMN logo majestic logo threadwatch logo seochat tools logo