[FX.php List] Setup Question

Andrew Denman adenman at tmea.org
Fri May 5 00:51:58 MDT 2006


This is like the setup I inherited.  Our static website is hosted with a web
hosting company, while all of our dynamic FileMaker driven pages are
in-house.

Here is my biggest issue with this setup:
Your site will have two domain names - one for static pages and one for
dynamic pages.  We currently use frames to hide this from the users, but
with the particular navigation system we have we've run into problems with
cross-site scripting prevention measures in browsers causing navigation
problems.  I'm in the process of getting rid of the frames and java menu,
but then we'll have the problem those two originally fixed: maintaining two
separate sites with the same look/feel/navigation menus.  Then there's the
issue of making sure all your links go to the correct site. (Please, for the
love of mankind, do not copy our current setup and use frames and java menus
on your main website.)

I would also like to ditto Greg's comments about connection (and hardware)
investments for an in-office setup: it could get costly depending on your
traffic.  Using a web host will be a lot cheaper in most cases.  Your local
FileMaker use is also an important consideration.

I think scenario 1 is potentially less secure than 2 or 3. Containing the
FX.php web server and FileMaker server on the same subnet and behind the
same firewall makes me feel better than sending all that information out
onto the internet. When the two are together, you only need one connection
to the outside world to serve the final pages: port 80.  If the two are in
separate locations, there is more surface area to cover from a security
standpoint.  This is especially significant if you will be handling
sensitive data (SSNs, CC#s, etc.)  Maybe a little paranoid, but that's how I
see it.

As for my company, the scenario 3 suggested by Greg has worked well.  Our
dynamic pages generate far fewer hits than our static website, so our local
connection/hardware investment has been acceptable.  The only problem I have
with it is the two domain name setup and the (slight so far) increase in
site management it creates.  Using scenario 3 allows us to offer dynamic web
content while keeping the FileMaker databases readily accessible to clients
on our local network.  It's a good compromise between cost and functionality
on the web for us.

If you have the resources though, I would definitely go with everything on
one site (scenario 2).  I personally would not recommend scenario 1 for
anything but the least visited sites, and in that case there is probably a
better solution.

Andrew Denman
www.tmea.org
(If you visit the site and parts of it aren't working, it's because our
local power went out the night of 5/4/06 and I haven't turned the local
servers back on - a benefit of this setup, as Greg mentioned ;)

-----Original Message-----
From: fx.php_list-bounces at mail.iviking.org
[mailto:fx.php_list-bounces at mail.iviking.org] On Behalf Of Greg Lane
Sent: Thursday, May 04, 2006 11:26 PM
To: FX.php Discussion List
Subject: Re: [FX.php List] Setup Question

It's difficult to give any useful recommendations without knowing  
more about your application and goals. I'm assuming you're using  
FMSA8? If your website has any value without access to the FM data  
then you may want to consider another scenario (this could be the  
same as your scenario 1, but it isn't clear):

3:
Server 1--web server w/ FX.php located at web host
Server 2--server with IIS (Win) or Apache (Mac) and FMSA (WSM, WPE,  
and FMS) located at office

In this scenario, your public-facing web server can take advantage of  
the larger bandwidth and redundancy provided by your web host. If  
Server 2 is ever unavailable, Server 1 can continue to host the  
static parts of your site and possibly cached data as well. If Server  
2's performance is a problem, you can separate its pieces into a two  
or three server configuration.

In general, I wouldn't consider geographically separating the machine  
with WPE and the machine with FMS. They should be on the same local  
network, if not the same machine.

There are a lot of other factors to consider, such as number of FMP  
users at the office, number of IWP users, number and frequency of web  
users, size of FM data being retrieved by FX.php, etc. The  
performance and reliability of the office's Internet connection is  
also very important.

Greg






More information about the FX.php_List mailing list