8

I'm trying to add data from a webhook (from a web cart) to a local Microsoft SQL Server. It seems like the best route for me is to use a PHP script to listen for new data (POST as json), parse it, then query to add to MSSQL.

I'm not familiar with security concerning the connection between the PHP script (which would sit on a shared-host website) and the local MSSQL database. I would just keep the PHP script running on the same localhost (have Apache running on Windows), but the URI for the webhook needs to be publicly accessible.

Alternately, I assume that I could just schedule a script from the localhost to check periodically for updates through the web carts API, though the webhooks seem to be more fool-proof for an amateur programmer like myself.

What steps can I take to ensure security when using a PHP on a remote, shared-host to connect to MSSQL on my local machine?

Improve this question
5
  • why not host the PHP script on your localhost if you are able to host MSSQL locally ?
    – Manoj Purohit
    CommentedJun 10, 2014 at 5:28
  • Keeping it on the localhost would be ideal for a lot of reasons, I was hoping to utilize an available webhook so that data retrieval would be automatic and also not have to sort out what's new (the webhook pushes a json doc of only what would be the new sql record. From what I've seen, a webhook needs to be directed at a web-accessible address though (not localhost).
    – lifeofchair
    CommentedJun 10, 2014 at 6:36
  • I'm not saying localhost without web. I meant to say you can make your local apache server online the same way you are making your MSSQL accessible to an online php script. If that's not the case then How are you accessing your local MSSQL in php script hosted on shared hosting server.
    – Manoj Purohit
    CommentedJun 10, 2014 at 6:40
  • I see. That would involve opening port 80 and pointing the webhook to the localhost's external IP, correct? I suppose that could work as well, but I'm equally unfamiliar with any security problems surrounding that. I felt that I could connect MSSQL more securely (or at least, more easily secured) since there are login credentials, but I may be wrong.
    – lifeofchair
    CommentedJun 10, 2014 at 7:09
  • correct, no security issues with that as you will not be publishing URL anywhere else..If needed block all incoming HTTP request except for that particular domain.
    – Manoj Purohit
    CommentedJun 10, 2014 at 7:30

1 Answer 1

Reset to default
1

I disagree with the comments for your question, especially about security. Your approach with a PHP script is valid, but you'll need a tunnel to do it right.

In regards to security, do you really want to open up your data packets to people sniffing? With the NSA out there and most routers able to intercept, I would be cautious.

I would go with openVPN, easy enough to setup, then have your local instance always connected with an openVPN connection and so your data will be secure. This may or may-not be available on your 'shared' server, so that is a consideration.

Honestly, you can get a micro centos instance up on Amazon with turn-key software and do the openVPN install yourself. Not too hard, but you'll need to learn some system management.

Improve this answer

    Start asking to get answers

    Find the answer to your question by asking.

    Ask question

    Explore related questions

    See similar questions with these tags.