Deploying php/apache/mysql application for off-line usage.

[Roger <rnodal () gmail com>]

Hello all,

I need to deploy a php/apache/mysql application so that it can be used
off-line while preventing data to be tempered with (unless the
application has a flow that allows that to happen). In other words, my
biggest concern is the protection of the database and php scripts from
direct access so that the user cannot gain access to the database and
modify the data. Here is what I have came up with so far:

* Password protect the BIOS.
* Disable booting from a CD.
* Install a Linux distribution (Windows? No IT support if the OS is
not Windows) and have an account without password(maybe with password)
to have a very limited desktop with the  only option being accessing
the local web application.
* No permission to access any files outside their home directory other
than the necessary ones.

Once again the main goal is to prevent the user to gain access to the
scripts and the database and then having the ability to put anything
in the database.


Do you have any suggestions that could help? Anything would be
welcomed. Thank you very much for your time,

Roger

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------