Hello,
There's a new online system (similar to an e-commerce system) that's going to be launched in a few months. Our system is quite different from other e-commerce websites where people use their CC or Paypal a/c to buy stuffs.

We don't have these features, but we're going to make our VPS secure and we're also planning to install an SSL certificate.

We have two sections in our website:


Front Office (for clients to sign up and login and view their selected products)
Back Office (This plays a major role in our system. All our clients-suppliers information will be stored here and only the admin or an authorized person can login.

All the information viz. clients, suppliers, invoices, orders, products will be stored in our back office and we're using PHP/ MySQL technology to build this website.


My question is if I install an SSL certificate, will it also protect my data (files, databases) in my VPS?

Moreover, what's the best way to protect all my files and data from other intruders?

Thank you very much.

Cheers!

An SSL certificate only protects the connection between the server and the client so that a third party cannot see the data being passed between them. That affect will help protect your data in two ways:
1) The login credentials your users use to login will not be sent across the internet in plain text
2) The data they are viewing will not be sent in plain text (assuming those pages are all running through SSL) so someone can view your client and supplier information.

Hi Oracle,
Thanks for the prompt reply. Yes all the pages will run through SSL.

Our product details will not be displayed in our website until & unless a user/ client will sign up with us.

After signing up and verifying all the client's details, they'd be able to login and view his/ her selected products and finally send us his product choices.

So Oracle, using only SSL could help protect all the files/ data in my server? Or do I need to use some other way(s) to achieve this.

Thanks much.

Cheers!