0

I can't figure this out, so hopefully somebody can explain to me why and what's most secure:

I'm hosting a Magento webshop on a VPS at DigitalOcean, but to make things more secure I thought it would be safer to keep my MySQL database on a dedicated VPS which is only accessible by private networking and disconnected from the public (because of all the user information it will contain). But this still doesn't feel right, because in what way is this safer? If somebody hacks the front-end server, which has access to the database server through private networking, they still can access the information on that server, right? If that's the case I can just keep the database on the same server...

An API connection with the database server would be better I guess, while closing all other ports to that server, but I'm working with Magento so that's not an option.

So what do you guys advice. Is it safe enough to keep my mysql on a dedicated server with private networking? Or are there better ways?

Erik van de Ven
  • 103
  • 2

2 Answers2

1

If your Application is getting hacked, they can use the api to gather all information they want. So if your application is hacked you are lost in any way. Best practice should be to setup the database without a dedicated public ip address. Make sure your database server is not reachable from the web. If you are scared about your application security, you could use a web application firewall, which parses every uri and its parameters if they are valid.

Snooops
  • 13
  • 3
  • Thank you for your response. Well the idea was to first authenticate with a user/password combination of a db stored user, before you'll be able to access most of the API calls. But I'll keep the servers seperated just for performance and keep access private, except for my webserver (so I will be able to access the webserver with a SSH key), guess that will be enough :) – Erik van de Ven Jul 25 '16 at 12:42
0

I think you might be over compensating just a little. If you're talking actual ssh level access to your front end server, you might want to look into enabling SSH based login. Basically it requires you to have a physical file, a "key" before the server will accept your login request. This alone blocks a lot of attacks, manly they have to physically attack YOU to gain that login file.

Recap: To secure access to your front end server, in light of the data connected to it [Yes it is connected, you can't get over that] I would recommend enabling SSH key based logins to your server to protect against brute force attacks. This will allow your front end server to be secure while still being able to talk to your back-end server.

This is all relevant assuming I'm seeing you are talking about access physically to your front end server.

Lake Sereni
  • 16
  • 1
  • thanks for your comment, I guess I will limit access to ssh (already have it, but one user is still able to access the server with a password instead of a key, so I have to change that) and I will have a look at fail2ban for brute force attacks. Maybe I will keep db and web server separated for performance :) – Erik van de Ven Jul 25 '16 at 12:36