Deploying, Security, and Maintenance We now have a fully functioning e-commerce framework, suitable for use in a live environment. Now it is time for us to look at deploying sites using the framework into a live environment and to examine security and maintenance concerns. In this chapter, you will learn: How to deploy the framework into a production environment Different ways we can enhance security with our framework How to maintain a site running the framework How to back up live sites How to restore a live site from a backup Deploying The process of deploying a site to a production environment generally involves the following steps: 1. Registering a domain name: This will allow our customers to access our website through a web address. 2. Setting up a hosting account: We need a hosting account so that the les for our website have somewhere to live. 3. Changing the nameservers on a domain: We make sure the web address points to our hosting account. 4. Creating a database on the hosting account: We need this to store our product catalog, orders, and other content somewhere. • • • • • This material is copyright and is licensed for the sole use by jackie tracey on 23rd February 2010 953 Quincy Drive, , Brick, , 08724 Deploying, Security, and Maintenance [ 274 ] 5. Importing a database to the database on the hosting account: This is done because our database should have all of the products and content we want. 6. Uploadingourlestothehostingaccount: As a consequence, when customers visit the website, they see our store. 7. Changingthesite'scongurationlesandanyrelevantdatabasesettings: This sets the framework to use the database on the hosting account. Hosting accounts and domain names When it comes to web hosting and domain names, there are a large number of providers and registrars available. This helps to ensure that prices are competitive. When looking for a web host, there are a number of factors that must be taken into account when making a decision, including: The amount of web space required The amount of bandwidth required (data transferred from the web server to customers and other visitors per month) Any service-level agreements in place, such as a guaranteed uptime Minimum contract term Acceptable usage policy, to ensure they don't prohibit any of the functions of our e-commerce website To have software installed on the server, we obviously require PHP, MySQL, and Apache with the mod_rewrite module Of course, the cost of the hosting Web-based control panels, such as cPanel or Plesk, are included with most standard web hosting accounts. This makes many administrative tasks easier, including: Setting up and managing e-mail accounts Setting up and managing databases Viewing statistics, access, and error logs Performing backups, restoring from backups, and so on One of the most common control panels is cPanel, and is included with most shared hosting and Virtual Private Server (VPS) providers. Some aspects of this chapter contain instructions specic for cPanel (manual deployment, and backing up and restoring), along with alternative instructions for power users using the command line (assuming SSH access is enabled on the hosting account). • • • • • • • • • • • This material is copyright and is licensed for the sole use by jackie tracey on 23rd February 2010 953 Quincy Drive, , Brick, , 08724 Chapter 14 [ 275 ] Packt Publishing has a book available specically for cPanel, should you be interested in learning more about it: cPanel User Guide and Tutorial by Aric Pedersen (www.packtpub.com/cPanel/book). Hosting providers Some popular web hosting providers include: 1&1 Internet Inc. (www.1and1.com), they provide shared hosting accounts, virtual servers, and dedicated servers for larger websites and web applications. However, be careful as their lower-end shared hosting accounts don't support databases, such as MySQL. A Small Orange (www.asmallorange.com), who also provide shared hosting accounts, virtual servers, and dedicated servers. They also have a business hosting package, which contains useful features specically for e-commerce sites. MediaTemple (www.mediatemple.net) is a provider of scalable virtual servers, with a control panel to make things as simple as with standard shared hosting accounts. Slicehost (www.slicehost.com) is a Virtual Private Server provider, designed for developers with functionality to easily upgrade and downgrade server capacity. Research hosting providers Web Hosting Talk (www.webhostingtalk.com) is a popular discussion forum focusing on discussing the web hosting industry, and containing many reviews and comparisons. It is worthwhile taking some time to research for the different providers before signing up with one. Things to consider when looking for a hosting provider for e-commerce websites include: Are websites backed up regularly automatically? What security measures are in place? Do they offer SSL certicates and additional IP addresses, so we can enable secure areas of the website? • • • • • • • This material is copyright and is licensed for the sole use by jackie tracey on 23rd February 2010 953 Quincy Drive, , Brick, , 08724 Deploying, Security, and Maintenance [ 276 ] Domain name registrars In order to get a web address that can point to our website, such as www.junipertheatricals.com, we need to register it through a domain name registrar. Some popular registrars include: NameCheap (www.namecheap.com) GoDaddy (www.godaddy.com) 123-reg (www.123-reg.co.uk) These registrars make it easy to register a domain name. However, often registrars pre-select several names when making a purchase (for example also selecting .net or .eu domain names), so be careful to not purchase more than you want. Domains are generally registered for at least one or two years at a time, depending on the type of domain. It is vital to remember to renew domain names, or we risk losing them. Nameserver changes Once we have our domain name registered, and a hosting account setup, we need to change the nameservers of our domain to those of our hosting provider. This ensures any trafc to our domain name is directed to our hosting account. Manual deployment The most straightforward way to get our les and database set up on our server or hosting account is by manually transferring the data to that hosting account. Setting up the database This section assumes a hosting account with cPanel installed. To set up the database, we need to: 1. Create a MySQL database on the server/hosting account so that we have a database our framework can interact with. 2. Export a copy of the database for our site so we can transfer it to the live site. 3. Import that database into the database on the hosting account so that our framework can interact with the suitably structured and populated database. • • • This material is copyright and is licensed for the sole use by jackie tracey on 23rd February 2010 953 Quincy Drive, , Brick, , 08724 Chapter 14 [ 277 ] Creating a database on the hosting account The rst stage is to log in to our control panel (this is usually, www.yourdomain.com/ cpanel), and within the Databases section click on the MySQL® Database Wizard icon. Next we enter a name for the new database; this is normally then combined with the hosting accounts username, so the database name store would become junipert_store. Once we have entered a name, we need to click on Next Step, to move on to the next stage of the database wizard. Then we need to create a user within MySQL, which will connect to the database server to access the database we have just created. It is important to use a secure password for this; click on the Generate Password button to have cPanel automatically generate a secure password for us. This material is copyright and is licensed for the sole use by jackie tracey on 23rd February 2010 953 Quincy Drive, , Brick, , 08724 . for the sole use by jackie tracey on 23rd February 2010 953 Quincy Drive, , Brick, , 08724 Deploying, Security, and Maintenance [ 274 ] 5. Importing a database to the database on the hosting account:. they don't prohibit any of the functions of our e-commerce website To have software installed on the server, we obviously require PHP, MySQL, and Apache with the mod_rewrite module Of. and is licensed for the sole use by jackie tracey on 23rd February 2010 953 Quincy Drive, , Brick, , 08724 Chapter 14 [ 2 75 ] Packt Publishing has a book available specically for cPanel, should