In order to securely provide support for web applications on our main campus web server, we must take certain precautions to make sure that these applications do not interfere with the daily operation of our server. Therefore, we have developed a process that creates a secure, stable environment.
LTS Development must approve any application that will reside on the main campus web server. After the application has been approved, space will be created on a testing server for the developer to work and evaluate their implementation. The approval process allows LTS to allocate resources in a proportionate and fair way and also prevents developers from duplicating an existing function or application.
To ensure that no development takes place on the production server, we have separated ASP and PHP pages from the normal web publishing space. Developers will not have access to modify the scripts on the production server. (Changes must be made on the testing server and then applied to the production server.)
Also, applications using Microsoft Access as a database should be aware that we place the Access MDB file in a completely separate location from the script pages to make it more difficult for malicious users to download the database file. We place the MDB file in a folder on our server that is not shared on the web.
Once a developer has completed an application and is ready to move to production, the application is evaluated and stress-tested by LTS Web Development staff. The code is reviewed to determine if it follows standards outlined in this document, and the application is checked for faults. Developers are encouraged to meet with LTS Web Development staff during the review of the system.
If the application is found to conform to standards, it is copied to production. Developers will not have access to the production system. They will be allowed to continue development on the test environment to make any needed changes. However, code changes will require evaluation by LTS Development staff. Therefore, LTS Development encourages developers to thoroughly test systems with end users before moving to production.
Questions About Application Development?
Call 836-4726 or send an email message to Jeff Holland, firstname.lastname@example.org.