Hi.

I’m not sure if this is a question for the IIS community, or the PHP forum, but since most of the guys running PHP seem to do this under Apache and Linux, I’d like to try here first:

Most of our sites in IIS run PHP and connects as Application user. A couple of them are web shops and run WordPress and WooCommerce. Some of these are integrating through the WooCommerce REST API with external Point-of-Sale systems, which then require me to open up for GET, PUT, DELETE on the separate PHP-instances. Am I jeopardizing the security of this IIS application by doing this?

Thanks.

​Hi. I’m not sure if this is a question for the IIS community, or the PHP forum, but since most of the guys running PHP seem to do this under Apache and Linux, I’d like to try here first: Most of our sites in IIS run PHP and connects as Application user. A couple of them are web shops and run WordPress and WooCommerce. Some of these are integrating through the WooCommerce REST API with external Point-of-Sale systems, which then require me to open up for GET, PUT, DELETE on the separate PHP-instances. Am I jeopardizing the security of this IIS application by doing this? Thanks.  Read More

​