| Subject | Re: [firebird-support] Can a Firebird database be hosted on a hosting site? |
|---|---|
| Author | Mark Rotteveel |
| Post date | 2014-01-05T14:39:26Z |
On 5-1-2014 14:31, cedriz monteagudo wrote:
accessible. Publicly hosting your database means that the Firebird
server is exposed to the internet. That is a big security risk: with 8
characters the password strength of Firebird isn't that great, the
protocol is not encrypted in versions before 3.0, and you run the risk
of denial of service attacks. Of course it is technically possible, but
I wouldn't do this. Now if you are running a web application, then the
database isn't directly exposed. And as long as the web application is
well-written and properly secured the risk of data-theft etc is a lot
smaller.
Using a virtual lan that ties the branches (and maybe a database server
in a datacenter) together would be more secure, because it is not
externally accessible. However I am not an operations guy, so I can't
provide information on how you would implement this.
Mark
--
Mark Rotteveel
> Thank you for the reply. We are currently using a application developedTo be able to access it from delphi, you would need to host it publicly
> on Delphi. Now as the company grows, we are thinking of hosting the
> database so that we can access it from branch to branch. However we are
> not familiar with this setup, as I have asked if ever we hosted the
> database will we still able to use our current application or should we
> resort to a web based one. And also, about VPNs, we do not have an idea
> about that. What runs on our head at the moment is that we host the
> database and connect through it using our application (like we did on
> lan) and do the same on other branches. Also do we still need to use VPN
> if ever we host the database somewhere else?
accessible. Publicly hosting your database means that the Firebird
server is exposed to the internet. That is a big security risk: with 8
characters the password strength of Firebird isn't that great, the
protocol is not encrypted in versions before 3.0, and you run the risk
of denial of service attacks. Of course it is technically possible, but
I wouldn't do this. Now if you are running a web application, then the
database isn't directly exposed. And as long as the web application is
well-written and properly secured the risk of data-theft etc is a lot
smaller.
Using a virtual lan that ties the branches (and maybe a database server
in a datacenter) together would be more secure, because it is not
externally accessible. However I am not an operations guy, so I can't
provide information on how you would implement this.
Mark
--
Mark Rotteveel