I'm currently building a website for a small charity and they've asked me if it was possible to make an admin area where they could access some of their work when they're out and about so they don't have to fill in forms twice. I can do this as I built the database that holds all the information they would input myself. I had made it using a MySQL database and built a front end for them using PHP so I can easily make it work online.

The database holds very sensitive information such as clients' home address, e-mail, full name, marital status etc. which obviously needs to be very secure. The computer the database is on currently does not allow network traffic from outside the internal network which means no internet access.

If I was to make it so it can accept connection from outside the internal network, what security measures and/or settings should be taken/set to assure that only people with accounts can access it?

I was going to code a timeout feature with the login as I found the workers tend to not lock their computer when they wander away from it, leaving everything logged in, but I know I should do more to assure security of information.

Well, the way that we do it:
our SQL database server does have a connection to the internet; however,
we have an ASA firewall that routes to the SQL database.
The firewall only accepts traffic from internal and our website's IP address. Everything else is blocked.

You could also use a VPN between the clients and your server so that the database cannot be compromised via the Internet.

That is something that I have considered and I'm researching into cheap/free VPN solutions.

This does not help against social engineering, of course. If your customers tend to leave their computers unattended while logged in, a VPN does not help too much.
Maybe you are overdoing it anyway. If your data are stored in a MySQL database with user rights properly set and with no internet connection (except via the PHP website) and your interface displays only what it may and the webserver is password protected, who would go to the trouble of breaking in for some charity workers' marital statuses? The other info they might find in the phone book, anyway.
Make sure that your website is protected against SQL injection and keep your server up to date. That should frustrate 99% of the script kiddies.

It's not the employees' data, it's the data we require to apply for funding.

Make sure that none of your PHP code shows raw SQL error messages, as this can be used for SQL injection, so all exceptions should be caught when the user inputs something.

I always use my own error messages and codes.

Good, that's the proper way to go. But there are enough people who build sites that don't do that...
So for you I was just pointing out the obvious, but perhaps other (more inexperienced developers) have found it useful.

Anything, no matter how obvious to some, is usually helpful to someone.
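
As an added example (not code from any poster in this thread), here is a sketch of three measures raised above: bound parameters against SQL injection, your own error messages instead of raw SQL errors, and the idle login timeout. The function names, the table layout, the 600-second limit and the in-memory SQLite stand-in for the MySQL database are assumptions.

```php
<?php
declare(strict_types=1);

// Constructed stand-in for the charity's MySQL database: an in-memory SQLite
// table, so the script runs offline. For MySQL only the DSN and login change.
function open_db(): PDO {
    $pdo = new PDO('sqlite::memory:', null, null, [
        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,   // failures throw, never echo
    ]);
    $pdo->exec('CREATE TABLE clients (id INTEGER PRIMARY KEY, full_name TEXT, email TEXT)');
    $pdo->exec("INSERT INTO clients (full_name, email) VALUES ('Sample Person', 'sample@example.org')");
    return $pdo;
}

// Hypothetical helper: look up a client with a bound parameter. The input is
// sent as data, so quotes or SQL keywords in $email cannot alter the statement.
function find_client(PDO $pdo, string $email): array {
    try {
        $stmt = $pdo->prepare('SELECT id, full_name FROM clients WHERE email = :email');
        $stmt->execute([':email' => $email]);
        return ['ok' => true, 'rows' => $stmt->fetchAll(PDO::FETCH_ASSOC)];
    } catch (PDOException $e) {
        // Full detail goes to the server log; the user sees only a reference code.
        $ref = bin2hex(random_bytes(4));
        error_log("[$ref] " . $e->getMessage());
        return ['ok' => false, 'rows' => [], 'message' => "Something went wrong (ref $ref)."];
    }
}

// Hypothetical helper: idle-timeout check for a logged-in session array.
// 600 seconds is a constructed value; pick the limit that suits the workers.
function session_expired(array $session, int $now, int $idleLimit = 600): bool {
    return !isset($session['last_seen']) || ($now - $session['last_seen']) > $idleLimit;
}

$pdo = open_db();
var_dump(count(find_client($pdo, 'sample@example.org')['rows']));  // normal lookup
var_dump(count(find_client($pdo, "' OR '1'='1")['rows']));         // handled as a literal string
$pdo->exec('DROP TABLE clients');                                   // force a database error
var_dump(find_client($pdo, 'sample@example.org'));                 // generic message, no SQL text
var_dump(session_expired(['last_seen' => 1000], 1000 + 601));      // idle past the limit
```

In a real page, `session_expired()` would be called at the top of every admin request with `$_SESSION` and `time()`, destroying the session and redirecting to the login form when it returns true.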
