- 4. You should avoid security issues for now and concentrate on multiple user access for maintenance and updates login issues.
- 5. You must not worry about performance. You need to concentrate on making a workable website first. You must keep it simple.
Some details: I wanted to create a development and production environment, with a development server using version control and pushing stable changes to the live production server. I wanted to isolate the databases to a separate database server, with each web server remote logging to the database server (using syslog-ng). As we'll be generating email newsletters to the tune of 60k emails per issue, I wanted a separate machine for that too (PostFix, most likely). And most importantly, I wanted to spend time early in the project hardening everything — mod_security, mod_evasive, firewalls, intrusion detection, chroot jails, OS lockdown, SSH, etc., the works, before we began development
But the IT Manager is saying to do this:
- 10. You must design everything on one server for simplicity and design it in such a way to split the application when you need to do so (when it goes on line). I mean your database, your website, and your email server can all be developed on the same simple prototype server hardware.
- 12. Leave purchasing the actual hardware are for close to the end of the project when it needs to go on line.
I don't believe this is good advice, given we have one year to complete the project I think my route is safest. Can the Slashdot community advise my non-technical managers as to which of us, me or the IT manager, is on the right track? Or Maybe give advice on how to deal with this IT Manager?"