Hi,

I am looking for a linux/unix hosting plan for a website. The front end is in php, css, xhtml and the back end in mysql.

Since my database will be storing personal customer information such as SSNs (will be encrypted) and addresses etc, security and the architecture is very important.

I guess to sum up, I am very light on the architecture knowledge of web and database servers and would be very grateful for some guidance on best practices in order to make sure the data is secure.


My question is :-
1. on shared hosting plans, am I right in assuming that generally hosts place the database on a separate server from the web server and the DB server has firewall protection so that it cannot be accessed from the public network ?

2. If I go for the VPS solution for the web server, should I put the database on a separate server? If yes then that would mean two VPS servers?

3. If I go for a dedicated solution for the web server, should I put the database on a separate server?


Thanks for any input.
mike

do it better

1. on shared hosting plans, am I right in assuming that generally hosts place the database on a separate server from the web server and the DB server has firewall protection so that it cannot be accessed from the public network ?
Yes, this is typically the setup. Hosts differ in their firewall setups, and some allow remote access so that customers can use GUI management tools running locally. Either way, the database will still be reachable from all of the other shared hosting customers, so make sure that you use a very secure password. If you're storing sensitive data, I would really advise against this route, and go with a VPS.


2. If I go for the VPS solution for the web server, should I put the database on a separate server? If yes then that would mean two VPS servers?
You wouldn't necessarily need two servers, you might get a little bit more security by putting your database on a separate server and setting up firewall rules that only allow access (database or SSH) from your web server. But if you secure things properly a single server should be fine.


3. If I go for a dedicated solution for the web server, should I put the database on a separate server?
Same as with the VPS... from a security standpoint there is a slight benefit, but I wouldn't say it's absolutely necessary. You'll probably want to go this route as you scale up though.

you could start off with 1 dedi server hosting 2 vps' , one for website and other for database. They can communicate through internal networking provided by the virtualization software (vmware/xen). Should resource demands grow you can easily migrate in the future :)

Depends on the size of the web site you can go as for one VPS server as for one dedicated server.
Web hosting companies do use the same server for web sites and databases in most cases.

Moved to the general web hosting discussions forums