Home | Data | News | Events | Articles | Nodes | Preferences | Help | About | Press | Site map
SITE SEARCH: 
    
GBIF Data
Browse
Search
How to search
Providers
Data policy
About GBIF
Press
GBIF Q&A
GBIF Data Sharing
GBIF Symposia, etc.
Ebbe Nielsen Prize
GBIF Publications
GBIF Documents
GBIF Membership
GBIF Nodes
GBIF Directory
Tools and services
Newsletters
Mailing lists
Wiki
UDDI registry
Standards
CIRCA
GBIF tools download
Support
Become a data provider
GB documents [login]
GB15
Helpdesk
Training
Travel guidelines
FAQ
Programmes
DADI
DIGIT
ECAT
OCB
Home GBIF Data Providers How to Infrastructure ...

Infrastructure Requirements for GBIF Data Provider

We recommend using a dedicated server for the PHP data provider package. This way, you can enjoy the automated installation and registration scripts, and receive updates as GBIF releases them. You can also copy the database from inside the firewall to this machine and not put your operational database out there.

The minimum hardware requirement for installing a data provider package for a dedicated machine are the following: Windows 2000, Windows XP, or Linux (RedHat 8, 9) operating system, 1 gigabyte free disk space, 256 megabytes of main memory, right to install applications or administrator access. WinZip version 8 or higher for Windows 2000 is needed to unpack the distributions.

Direct access to the machine from the public Internet is required. Port 80 is recommended, but also high ports can be used, although some users will suffer from this. A static IP number or a fully qualified domain name is required.

You can use an existing server such as your organisation's web server, and utilise the installed Apache or IIS WEB server. In this case, we recommend you do not use GBIF package but download the individual components from http://sourceforge.net/projects/digir, and customise the configuration to fit your site.

Security

The security of a server is responsibility of the data provider. There is no common security policy for GBIF network, because the servers are independent and failure of one site does not cause failure of others or expose them for attacks. Therefore, advise on security can only be given at a general level.

In order to secure your server and protect it from malicious attacks, first of all, you have to create a simple, generic policy for your system that your users can readily understand and follow. It should protect the data you're safeguarding as well as the privacy of the users. Some things to consider adding are: who has access to the system, who's allowed to install software on the system, who owns what data, disaster recovery, and appropriate use of the system. Additionally, choosing good passwords, securing your server's local network services, allowing access ONLY to absolutely necessary ports where applications are listening, keeping good accounting records, and operating system / programs upgrading are among the things the local security administrator is responsible for doing.

A comprehensive analysis of how a server can be deployed/configured/managed in order to be protected from intruders is out of the scope of this document. There are many articles available in the Internet that could help you to secure your system; you can find below a few indicative URLs.

  1. Linux
    1. The World Wide Web Security FAQ (http://www.linuxsecurity.com/docs/www-security-faq/www-security-faq.html)
    2. Security Quick-Start HOWTO for Linux (http://www.tldp.org/HOWTO/Security-Quickstart-HOWTO/index.html)
    3. Linux Security HOWTO (http://tldp.org/HOWTO/Security-HOWTO/index.html)

  2. MS Windows 2000/XP
    1. Microsoft Security (http://www.microsoft.com/security/default.mspx)
    2. Protect your PC (http://www.microsoft.com/security/protect/default.asp)
    3. How to secure Windows2000 / XP (http://markusjansson.net/exp.html)
<< back next >>

Version 0.3 Last update 2004-02-06
Contact info | Webmaster | Webmaster login | Printable page