[RESOLVED] How do I Connect to a database on a remote server?
We have a database on our server, here at the office. We now want to create a asp.net website that will be accessible to the public.
Say the domain of the website is http://www.abcdef.com and it's hosted on a webserver of HeartInternet.
When someone connects to that domain, that webpage must be able to pull data from our server that is located here in our office.
In other words the webpage cannot just load data out of the MySQL database loaded on its server, but it has to connect to our server and get data.
How is this done?
Re: How do I Connect to a database on a remote server?
Hey,
Normally, in this kind of situation, I would suggest that you provide a Web Service which serves as the interface between the ASP.Net Application and the Database.
Gary
Re: How do I Connect to a database on a remote server?
Is the server in your office accessable over the internet? It must be for the webserver to connect to it. If it is then Gary's suggestion would be the best approach to add a layer between the DB and the outside world if you expose your DB it needs to have as minimal surface area as possible and a user for the website with the minimal rights required.
Re: How do I Connect to a database on a remote server?
Create a DMZ on your office network, and host another web server there. Create a web service on the web server, have it read the data as needed. The advantage of the web service is that you can limit it to exactly the methods you need. "GetEmployeeNameById" and "GetEmployeeByOrganisation" so that nobody can arbitrarily query for an employee's SSN without you exposing it. So you then get your shared host website to talk to the web service on your office network.
However, note that because you're exposing a web service to the public world, you're now letting loose public data, so you need to look at securing the web service, since anyone who discovers the URL can simply invoke it and get whatever information you're exposing. How you secure it depends on the technologies you're going to use. You could start by limiting the IP addresses allowed on the web service in IIS to just that of the shared host, but you'll also want to look at SSL and maybe client certificate authentication depending on how much time and effort you're willing to put into securing it. (Knowing how most offices work, security will be the least of your worries until someone grabs a truckload of data and then the poo hits the proverbial fan)
