Very simple, you only allow packets destined for the machine with
the db server at the dbserver port _across_ the firewall (from the
outside) that originated from the web server's IP address.
--
Close your eyes. Now forget what you see. What do you feel? --
My heart. -- Come here. -- Your heart. -- See? We're exactly the same.
Jon Smith -- Senior Math Major @ Purdue
On Tue, 4 Jul 2000, Derek Del Conte wrote:
> Hi,
>
> I have a PHP4 + PostgreSQL site that I have been working on for several
> weeks now. We're getting ready to put up the production site very shortly.
> I would like to keep the database separate from the web server. PostgreSQL
> should be located behind the firewall and the web server outside. How do I
> work that with the firewall? If I open up the database port does that mean
> I put my database at risk? Any ideas?
>
>
> Derek Del Conte - derek@gambitdesign.com
>
> gambitdesign.com provides all of your networking needs.
>
>