I am working on installing a Drupal site that allows users to store and display files (.doc, .pdf, .xls, etc) files at a high end secure data center with DMZs and the like. The customer's data center doesn't allow them to have web applications that store flat files on the front end web server machine.
They are accustomed to having web applications that store these binary files directly into their database (i.e. sharepoint) using ISA. We have already suggested that they have an NFS mount or a Samba share between the front end server and the protected server behind the DMZ, but this doesn't satisfy security requirements to have these ports open across the DMZ. They are allowed to have a MySQL port (3306) open to keep the database behind the DMZ.
I'm wondering if anyone else has encountered something like this problem and found a good work around. Or, do you have any ideas about how to protect the flat files behind the DMZ? I have also suggested that we just put a proxy up on the front end server and keep the entire Drupal installation on the back end, we may end up going with this but I'm not sure if this will meet their security requirements. Is there a specific proxy server that would work best for this?
Are there any ways that we can show that it is safe to keep the flat files on the front end server if Drupal is running ? We are already using private files and keeping the directory path for these files outside of the drupal install path.
Comments
There is the Database File
There is the Database File Manager but frankly that module only has 28 users. I'd be more worried about its security than I would putting flat files on the webserver.
Maybe you can try to learn what the problems are with flat files uploaded on the webserver and craft a solution that meets the needs if not their prescripted solution.
knaddison blog | Morris Animal Foundation
Mongo
You could always look at something like MongoDB which can store all kinds of binary files in the database. That's going to work over a single TCP port similar to how MySQL would do it.
http://blog.mongodb.org/post/183689081/storing-large-objects-and-files-i...
http://drupal.org/project/mongodb
You might also be able to do something like that with Apache Solr or Nutch, both of which have some solid integration with Drupal.
I agree with greggles - I would also ask what risks they are trying to mitigate with the security requirements. What do they perceive as the threat of storing files on the web head? Lack of an audit trail in the event of a compromise? Perhaps you can implement file integrity monitoring. Access control over the files? You can talk about the difference between public/private Drupal filesystem configuration options. What I'm getting at is you may be able to better design around the security if you understand what it is they are trying to accomplish. If your front-end webserver is compromised, the attacker is going to have credentials using the ID of whatever legitimate access was already set up for the backend.