Two servers and One Database

tonyk

I'm installing a shopping cart application using MySQL (oscommerce) and would like to put the admin and checkout portions of the application in a secure directory on another secure server (different physical machine).

The admin and checkout processes need access to the MySQL database on the other machine.

What would my connection look like on the secure server?

Would I reference the MySQL machine by IP address? domain name? What about the port?

Thanks for any advice anyone might have 🙂

mrmufin

The first thing you need to do is set up some grants on the MySQL database for the secure server. I recommend going to the MySQL website and scrounging up as much documentation as you can find regarding priveleges and how MySQL manages access permissions, because a slip of the fingers or a grant that's too permissive can leave gaping data access security holes. MySQL allows for grants to be specified all the way down to the column level, so if your secure server only needs to update (for example) the name and credit_card columns on a table named 'customer' in the database named 'mydb' use a grant statement like:

GRANT UPDATE (name, credit_card) ON mydb.customer TO someuser@secureserver.com IDENTIFIED BY "secret-password";

You could use the IP address to specify the host portion of the connection, but I recommend using the $_SERVER['SERVER_NAME'] variable when granting rights to the accessing machine, since there are many web server environments where multiple servers share the same IP address.

My best suggestion is read up on and thoroughly understand how MySQL grants work, and with that information in hand, arrive at the appropriate priveleges, build a connection script and be sure to stop back in here when it breaks...

Good luck...