1
First of all, I‘m not sure if this is the right place for this question, but since it was marked as off-topic on server fault I thought I should try it here.
I'm going to start with the current development setup: I have a local apache webserver managed with XAMPP and no SSL/Certification set up, running on my personal computer. I have a small MySQL database in the background.
The website is supposed to provide a simple form for the employees to enter their shift details (start time, end time, numbers of boxes processed etc.) into. These details are then send and stored inside the MySQL database.
I believe that the environment is relatively low risk. I don't believe that anybody working with the site is going to try to tamper with the security in any serious way, so basic security required by European law (GDPR) should be enough. I know that my current setup is not for production but I'm also extremely new to this kind of project and that's why I want to get some ideas form you guys about how to set things up.
My questions are but are not limited to:
- Should the server and database be running locally (at home) or in the cloud (with azure or something like that)?
- If it runs locally how can the employees in the company connect to the local server (via a VPN maybe?)?
- How can I guarantee availability when I run it locally?
- What alternatives are there to XAMPP (that are for production and not development)?
- What else should I take into consideration?
Thank you very much in advance!!
This is off-topic here too, as it's simply too broad. Questions on here should be about specific problems. – confetti – 2018-10-07T21:48:36.403
Is there any place I can ask this question? – CVE-2017-5754 – 2018-10-07T21:50:37.000
You potentially have a bunch of different question(s) that might need to be asked in different areas. Server@home? Best if it runs locally inside the company to avoid access issues, otherwise cloud so it can be running 24x7. You should probably use a PHP framework to deals with some issues for you. The structure and coding is stackoverflow , security is Information security. There is also Database Administrators for mysql/database questions. – cybernard – 2018-10-08T00:53:13.160
How can I guarantee availability when I run it locally? Define how strict your uptime must be? Most cases a decent UPS with cable modem,computer, and network switch plugged if you got a separate router/switch. Complete loss of power, install a generator. You maybe need 2 or more ISP to guarantee your internet stays up. How about earthquake,flood,fire, or etc protection it gets more and more complicate and expensive. This is why cloud computing makes more sense, they got those handled for you. – cybernard – 2018-10-08T01:00:30.723
Thank you very much for your extensive answers. The problem is that multiple geographical locations have to be covered. That’s why I want to run it at home. It’s not really a professional thing, I’m just doing this for my dad as a hobby project. I’m going to try to split up my question and search for the right communities – CVE-2017-5754 – 2018-10-08T07:11:13.997