> I hope I'm wrong, but this looks like an accident waiting to happen.
>
> Myles
>
> --
> -------------
> Myles Wakeham
> Director of Engineering
> Tech Solutions USA LLC
> www.techsolusa.com
>

Thanks for the feedback, Myles. We may be better off staying with what we have as it adds a layer of isolation between our databases and our web pages. We don't carry any passwords, credit card info, etc. in our databases, so that is not an issue.

At present, we have single server access to four geographically dispersed databases and thought it might be more advantageous to have direct server access to each of them without having to open port 80 on all of them.

We will rethink our implentations in light of the security issues you have raised. At present, any SQL attack on any of our four servers would fail, which is why we get to one of the servers with a REST command. Allowing access from our PHP web pages would not decrease that security because the web user has no control over what is sent or received and we have a static IP for our web server. No username/passwords/ips are present on the web server in any form or place recognizable by an external search attempt, SQL or otherwise, so neither our code nor our web-hosting company's code could give up any relevant info.

But, there may be some doors we left unguarded, so we will revisit the doors.

As for the original question, is there any problem accessing/updating an InterBase 6 database from Firebird?