[Owasp-testing] OWASP Hosts its DB on the same machine as the web server?

Christian Heinrich christian.heinrich at owasp.org
Tue Aug 16 19:28:19 EDT 2011


On a slight tangent, the DB might be firewalled to only accept
connections from the localhost, hence the attack surface would be the
same if it was moved to another host, i.e. the pivot would still be the
web server.

On Tue, Aug 16, 2011 at 11:47 PM, Bernd Eckenfels
<bernd-2011 at eckenfels.net> wrote:
> On 16.08.2011 14:24, rick.mitchell at bell.ca wrote:
>> Seems the site is experiencing some issues this morning. What really caught my eye was the "... database server: Too many connections (127.0.0.1)" part. While the DB might not be exposed externally this is still contrary to what I believe most of us would suggest to our clients (i.e.: DB should not be the same machine as the WebServer. Due to single point of failure, etc.)
> You know, that 2 machines fail double the time of a single machine :) So
> unless you have some kind of switch over it's just more expensive :)
>
> But maybe it is indeed a good idea to look at the OWASP Web Setting and
> publish it, along with all the best practice documentations the
> different OWASP Projects recommend.
>
> Regards
> Bernd



-- 
Regards,
Christian Heinrich
http://www.owasp.org/index.php/user:cmlh

