Get Paid to Participate - up to $1 per post!     Twitter     Facebook     Google+
Hosting Discussion
 

Hosting Discussion > HostingDiscussion Community > General Discussion > Setting up security for a web app - how to?
forgot password?



Reply


Old
  Post #1 (permalink)   06-13-2014, 02:11 PM
HD Newbie
 
Join Date: Feb 2011
Posts: 11

Status: fkasmani is offline
Hello,

I'm wanting to setup a hosted Linux VPS server to run a web based application.
The app is built around php and mysql.

Setting up the app on the VPS is not an issue, but the tricky part is setting up the security for it:
  1. since it's patient medical records, it needs to be carried across (maybe) SSL?
  2. the app should not be publicly available - it should only be accessible to me and my staff (located in 5 clinics)

Would really appreciate some suggestions on this,pls.
 
 


Old
  Post #2 (permalink)   06-13-2014, 03:31 PM
HD Amateur
 
Join Date: Mar 2005
Posts: 51
Send a message via AIM to wh-coach Send a message via Skype™ to wh-coach

Status: wh-coach is offline
Others may have other ideas but, to me, you are describing a VPN.

Although there are many ways to do it, I suggest that you strongly consider two VPS's.

VPS 1:
VPN Software
Allows offices to connect to private-network servers (connected off second NIC)


VPS2:
Runs your patient records application
Is only accessible via VPS #1


If you put everything on the same VPS you expose your patient records system to getting hacked from the outside world. By using two VPS, if your VPN server gets hacked, the hacker will still need to overcome whatever security you have on your patient records system. The records system, if you run it on a private network, isn't really reachable by the outside world so not subjected to the same kinds of abuse as your VPN server would be.

Just my $0.02
__________________
Availanet Solutions - Helping you stretch your hosting dollar since 2003 -
Highly Flexible VPS Solutions at Reasonable Prices
 
 
The Following User Says Thank You to wh-coach For This Useful Post:
fkasmani (06-15-2014)


Old
  Post #3 (permalink)   06-29-2014, 07:27 AM
HD Newbie
 
Join Date: Feb 2011
Posts: 11

Status: fkasmani is offline
Thanks wh-coach.

I was initially hoping it was as simple as SSL, but thanks for bringing it out.

Are we talking of setting up a mini-private-cloud here?

Would you be able to suggest a good guide to setting up such a scenario?
 
 
 
Reply

Thread Tools

New Post New Post   Old Post Old Post
Posting Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Sponsored By: