Server security

- B
- Barry Streets
  
  Contact options for registered users
posted
18 years ago

Tue, Sep 13, 2005 3:30 AM

I have a application that is accessed via HTTPS thru a firewall, the frontend is running IIS/Cold Fusion which in turn access's a SQL server.The network connection between the IIS server and SQL server is over a separate network that is isolated from the outside. What's the Best configuration to ensure security of the Database??? Please reply to my e-mail address as I may not get back to the newsgroup for days.

Barry Streets snipped-for-privacy@echoman.com

Loading thread data ...

- L
- Leythos
  
  Contact options for registered users
Vote on answer
posted
18 years ago

Tue, Sep 13, 2005 1:56 PM

If you have a firewall you should only be allowing 1433 between your webserver and the database.

You should not be using the SA account.

You should not be using Windows Authentication.

The database server should NOT be part of the domain that the Web Server is part of.

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.