I see many applications, such as WordPress, Python's Django, and Ruby on Rails' e-commerce package Spree, that serve the service site and the management functions under the same domain.
Example) www.someservice.com ... service site, www.someservice.com/admin ... management functions
Of course, I'm worried about security because both are on the same server, but is this a common setup?
Personally, I would put the management side on a separate server under a subdomain and restrict access to it by IP address.
Example: www.someservice.com / admin.someservice.com
I think that kind of domain design is a good idea, but what do you think?
http
Questions that have no single correct answer are surveys and are discouraged from the SO point of view.
Maintaining multiple domain names (both www.example.com and admin.example.com in the example) is more expensive than getting just one. Security cannot be ignored. The story differs depending on your position.
If you are a site administrator who maintains your own domain with your own programs, without using any existing framework:
Most of the time, such people run their own server. Then you don't want to pay for subdomains, because maintenance can be done from the console.
If you are the author of a web framework:
You would be passing the cost of maintaining a subdomain on to the users of the framework, that is, the site administrators. Since site administrators would be charged additional maintenance costs, the number of users of the framework may not grow (given the competition between frameworks), and if the samples or documentation say admin.example.com, attackers will naturally assume the same setup. I don't think that improves security.
If you are a site author who normally uses an existing web framework:
Going out of your way to create a subdomain and restricting the IP addresses that can log in should make no difference in security compared with doing the same on www.example.com, so it's not a good reason to build a subdomain.
Therefore, my opinion is: "If you only consider whether security increases or decreases, creating a subdomain may increase it, but it is more likely to end up at the same level." The reason: "Attackers are well aware of this, so it won't work against crackers who really want to attack." "It may deter casual attackers or script kiddies." To sum up: "You need to consider whether you are spending money in the wrong place."
Personally, I would put the management side on a separate server under a subdomain and restrict access to it by IP address.
Example: www.someservice.com / admin.someservice.com
I think that kind of domain design is a good idea, but what do you think?
· Adding another subdomain
· Placing it on another server
· Restricting the IP address of the access source
These are independent matters, not a single domain-design question. Any of the following is possible:
· Different domains on the same server
· The same server and the same domain, but with IP restrictions on the management area only
· The same domain, but a different server
Reading the question, the problem seems to be that "the service and the management are on the same server" rather than the domain. As mentioned above, it is possible to restrict access to only the management area by IP address on the same server, but this is taken to mean no access, so I think it is implicitly assumed that the service side will be placed in a private area such as inside the FW.
While it is true that the risk of the management side being attacked is reduced, it is easy to imagine that the cost of preparing the facilities, controlling the communication with the database, operating the FW, and the complexity of the configuration outweigh that.
After all, in most use cases there is no point in forcing it.
So from the point of view of applications like WordPress and Spree, a minimal configuration is the baseline, so it is a one-server configuration. If the operator really wants to separate the service from management, there is nothing else I can do.
Django (or web application frameworks in general) does not force "one service and one management area". It depends on how the person who builds the application builds it.
Conversely, for applications of a scale where the cost of separating servers and networks, as described above, is acceptable, separating the service from management can bring a number of benefits.
Even if it looks like a subdirectory, it may be distributed to another server using a reverse proxy; conversely, different domains may be the same server using virtual host functionality.
You can use the same server with appropriate per-directory access restrictions (for example, allowing administrative URLs only from a specific network), and even if you separate servers, the risk is not zero if they are networked.
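The per-directory restriction mentioned above (management URLs allowed only from a specific network) and the reverse-proxy case are illustrated below with an added example; it is not code from the question, the answers, or any of the frameworks named. It is a small WSGI middleware, so it would sit in front of a Django, Flask or similar application. The path prefix `/admin`, the allowed networks, the trusted proxy address and the demo application are all constructed values for illustration. The point a practitioner would want to see is the proxy caveat: once the management area is behind a reverse proxy, `REMOTE_ADDR` is the proxy, and the client address must be taken from `X-Forwarded-For` only when the peer is a proxy you trust, otherwise the header is attacker-controlled and the IP restriction is worthless.

```python
import ipaddress
from typing import Callable

# Constructed example values: networks allowed to reach the management area.
ADMIN_ALLOWED_NETWORKS = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("192.168.1.0/24"),
]
# Constructed example value: the reverse proxy whose X-Forwarded-For we trust.
TRUSTED_PROXIES = [ipaddress.ip_network("172.16.0.10/32")]
# Constructed example value: URL prefix of the management area.
ADMIN_PREFIX = "/admin"


def client_ip(environ: dict):
    """Return the real client address for a WSGI request.

    REMOTE_ADDR is the TCP peer. That is the client only when no reverse
    proxy is in front of us. When the peer is one of our trusted proxies,
    the client is the rightmost X-Forwarded-For entry, the one that proxy
    appended; anything to its left (and the whole header from an untrusted
    peer) can be set freely by the client and must be ignored.
    """
    peer = ipaddress.ip_address(environ["REMOTE_ADDR"])
    if any(peer in net for net in TRUSTED_PROXIES):
        xff = environ.get("HTTP_X_FORWARDED_FOR", "")
        hops = [h.strip() for h in xff.split(",") if h.strip()]
        if hops:
            return ipaddress.ip_address(hops[-1])
    return peer


def admin_allowed(environ: dict) -> bool:
    """True if this request may proceed; only the admin prefix is restricted."""
    path = environ.get("PATH_INFO", "")
    # Match "/admin" and "/admin/..." but not unrelated paths like "/adminfoo".
    if not (path == ADMIN_PREFIX or path.startswith(ADMIN_PREFIX + "/")):
        return True
    try:
        ip = client_ip(environ)
    except ValueError:
        return False  # malformed address: fail closed
    return any(ip in net for net in ADMIN_ALLOWED_NETWORKS)


def restrict_admin(app: Callable) -> Callable:
    """WSGI middleware: answer 403 for management URLs outside the allowlist."""
    def wrapped(environ, start_response):
        if not admin_allowed(environ):
            start_response("403 Forbidden", [("Content-Type", "text/plain")])
            return [b"Forbidden\n"]
        return app(environ, start_response)
    return wrapped


def _demo_app(environ, start_response):
    """Constructed stand-in for the real application behind the middleware."""
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"ok\n"]


def status_for(environ: dict) -> str:
    """Run one request through the middleware and return the HTTP status line."""
    captured = []
    restrict_admin(_demo_app)(environ, lambda status, headers: captured.append(status))
    return captured[0]


if __name__ == "__main__":
    # Direct requests: public path is open, admin path depends on the peer.
    print(status_for({"REMOTE_ADDR": "203.0.113.5", "PATH_INFO": "/"}))
    print(status_for({"REMOTE_ADDR": "203.0.113.5", "PATH_INFO": "/admin/login"}))
    print(status_for({"REMOTE_ADDR": "10.1.2.3", "PATH_INFO": "/admin"}))
    # Spoofing attempt from an untrusted peer: header is ignored.
    print(status_for({"REMOTE_ADDR": "203.0.113.5", "PATH_INFO": "/admin",
                      "HTTP_X_FORWARDED_FOR": "10.0.0.1"}))
    # Same request arriving via the trusted reverse proxy.
    print(status_for({"REMOTE_ADDR": "172.16.0.10", "PATH_INFO": "/admin",
                      "HTTP_X_FORWARDED_FOR": "10.0.0.1"}))
```

The same rule applies whether the restriction is implemented here or in the web server's per-directory configuration: the allowlist is only as good as the address it is checked against, and a management area that is "restricted by IP" behind a proxy that forwards arbitrary headers is not restricted at all.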
© 2024 OneMinuteCode. All rights reserved.