Webspeed security

Posted by jmls on 06-Jun-2010 12:16

We have an application that holds personal details on literally hundreds of thousands of people. I have been asked to look at providing a "portal" for these customers to be able to manage their own accounts.

Obviously, I am greatly concerned about security, hacking etc etc

How do you handle this scenario ? Do you give each user a personal certificate ?

Is a webspeed application slightly more secure than php ? Or less ?

Is Apache good enough for the job ?

My current thoughts are to have an external (DMZ) apache webserver (basically a machine dedicated only to apache, with everything else not installed), with the cgi-ip.exe connecting to the database through the firewall. Good ? bad ?

Any suggestions on monitoring tools like tripwire etc would also be gladly received.


All Replies

Posted by surfcity on 16-Oct-2013 14:32

Hi Julian, I know this is an old post, but I was curious as to your findings.

We are running OpenEdge 10.2B and I have done some interfaces in PHP and WebSpeed and am in a very similar predicament as you were. I really enjoy coding with Webspeed vs PHP when it comes to our corporate database since I am much more fluent in 4GL.

Did you end up coding PHP or Webspeed for your interface?

Also, did you end up setting up your webserver machine on a DMZ edge network?

Any information would be great.


This thread is closed