Date: Mon, 6 Jul 1998 23:08:01 -0400 (EDT) From: Troy Settle <rewt@i-Plus.net> To: Omar Thameen <omar@clifford.inch.com> Cc: freebsd-isp@FreeBSD.ORG Subject: Re: setting up a secure webserver service Message-ID: <Pine.BSF.3.96.980706225050.24808B-100000@Radford.i-Plus.net> In-Reply-To: <19980706171055.A3430@clifford.inch.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 6 Jul 1998, Omar Thameen wrote: > How do most companies (like webfarms) handle setting up clients with > secure web servers? We'd like to offer one level of service where they > use our key (for say, secure.ourdomain.com). What's not clear is how > the different client accounts are handled on the secure server. I am in the process of setting up this same thing, and as a cost saving device, I am also opting for using a single cert for all secure transactions. > Do generic solutions like this usually offer cgi-bin access for the > client's transaction software (if so, how?), or do you provide a default > set of scripts for everyone to use? What I'm planning, is to skip the cgi-bin route, and just use php or a handler for .cgi files (you can do some funky things with the URI with mod_rewrite). I think at this time, all scripting will be done on a per-user basis. Of course, this may change as we grow. > How is access to their data normally handled, via a secure http connection > with a password-protected directory? Or is it via custom scripts? I'd say both. I think the most secure way to give customers a list of transactions would be through the server itself, or just process all transactions automatically with an online processor, report summary information back to the customer (fax, email, cgi), and take the processing fee + 2% for yourself :) I'm open to anyone willing to point out any holes in this scheme. -- Troy Settle <st@i-Plus.net> Network Administrator, iPlus Internet Services http://www.i-Plus.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980706225050.24808B-100000>