little store's inventory database and possibly . . .
hello debian users,
i operate a small record label in madison wisconsin and we recently acuired the resources to operate a record store. i convinced me cohort to get a system and save money (and gain freedom of functionality) by installing debain. so he a got a athlon xp 1800 and debian(woody) is shining away.
i plan to set up an inventory tracking system using mysql and managing the database through http (with mozilla) using php and html. mysql, php(4), and apache(2 i think) are getting along just fine and everything is perfect. what i want to know is this: if i wanted to expand the computer's functiona;ity into the realm of serving a webpage for the record store, where customers could search the inventory through our webpage, what should i keep in mind, security-wise? i am not ready to do this yet, because i know the system is probably laughably weak to the outside world (it won't be connected initially). i don't think we will keep any sensitive customer information in any tables in mysql, but we might.
so that's the question: how should i go about securing this system when i decide to let it serve customers though the net? i realize this is a really general question, so links to web resources on these particular issues would be just as appreciated as actual responses.
thanks in advance,
nic stage
p.s. - i could be considered an "adept" newbie :-)
chance eductions - http://chanceductions.no-ip.com/
23 productions - http://www.demiurgic.net/23productions/
Reply to: