comment on

What you wrote sounds good to me. I want to suggest to keep an eye on the network-security arround your app:

Use a (non-software) firewall to allow only needed traffic to your server.
Stop all unnecessary services on that box.
If mysqld is one of those services you could allow only connections from 127.0.0.1.
Use an intrusion-detection-system like snort.
Make someone responsible to do all security patches but remember to try those patches on a second box before you get hit by some nasty side-effects.
Continously keep an eye on the logs.
Plan the actions for a worst-case scenario!

In reply to Re: Paranoid about web application security by neniro
in thread Paranoid about web application security by perleager

Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!

Titles consisting of a single word are discouraged, and in most cases are disallowed outright.

Read Where should I post X? if you're not absolutely sure you're posting in the right place.

Please read these before you post! —

Posts may use any of the Perl Monks Approved HTML tags:

a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr

You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)

	For:		Use:
	&		`&`
	<		`<`
	>		`>`
	[		`[`
	]		`]`

Link using PerlMonks shortcuts! What shortcuts can I use for linking?

See Writeup Formatting Tips and other pages linked from there for more info.