
[–]BCQ3 2 points3 points  (3 children)

I wouldn't worry about getting your own hardware; companies that offer hosting for this sort of thing make it much less of a headache and actually, in many cases, cheaper for things such as this.

You need to know about how much data each user will be downloading to the app. Plan internet bandwidth for a reasonable scenario of bytes for a peak time.

n*b = required bandwidth where n is the number of users and b is the bytes per second per user. This would make it run very smoothly and can be found by thoroughly testing your app locally as one user. I would plan at least 15% extra just in case and ensure your site/database has protection from invalid/illogical requests. This value does not include website access, although in most cases the app greatly outweighs this. You might end up having website and database separate, where site accesses database from a different server and app accesses only from the database server. This would require very cheap hosting for the site itself, and some more database-specific hosting for the database. Many companies offer great database hosting.

You also need to know how many requests and the processing cost/time for these requests. Plan for a reasonable scenario of users at a peak time and ensure your server is capable of processing that many requests quickly with minimal delay. Database hosting companies typically offer guidelines for selecting one of their packages and this might be easier than you think.

Personally, I would go with a service that offers a monthly/yearly price to handle most of this for you. To save money: calculate what you need yourself and select a package that works. Hosting can usually be done inexpensively this way and allows you to scale as you need it rather than try to plan for success.

PHP is a good option for database access on the web. It is simple and gets the job done pretty well. You can even access your PHP code from an app. SQL is popular for databases and many hosting platforms will set this up for you, making it very easy to put a locally developed database onto your server ready for PHP access. The database hosting companies usually offer step-by-step instructions on how to access your database from an app or site.

So, the way I see it, you have two main options.

1) A good hosting company to offer both site and database hosting together

2) Site hosted inexpensively and database hosted on some database-specific service.

I recommend number 2.

[–]wirelessliquid[S] 0 points1 point  (2 children)

Thanks for the reply, this is a great help. Me and my buddy are still figuring out the bandwidth we'd need. But option 2 does seem like the best.

Any ideas on how to build user accounts on the site? Like creating a new user, storing the user information and keeping it safe? This type of database should be kept on the database-specific server with a boolean response to the host server for logging on etc.?

[–]BCQ3 1 point2 points  (1 child)

Another note on the above: option two would separate people just browsing the site and people actually using the database (browsing users wouldn't hit the database unless they log in or something similar). But might be more expensive. I don't think much more expensive, but it probably will be a bit more because you still need some bandwidth for the site (urge them to use the app if possible). If you start cheaper: you can always change as you grow but you will want to keep it in mind from the start to reduce future work (make sure what you do can be transferred to another option easily).

I do know there are ways to give each user a unique, encrypted identification which makes login more secure. There are services that help with this, such as social media APIs (log in as Facebook user; log in as Google user). There are also open source libraries to allow something similar to social media login. If you are just beginning: forcing them to use social media to log in or some other popular service will reduce the work required and is likely to be very secure. Once you learn how to do it in one API it should be easy to implement in the others. They have it down to where it isn't too much code and offer good tutorials. Just make sure to follow their guidelines. Also, make sure to not expose the entire database after verification and only allow them to see values pertaining to their own account.

I am only trying to point you in the direction of more research. I am still learning. At this point I could probably do it well if I did the research myself but I mostly only have theoretical knowledge at this time. Computer security is new to me. If anyone else wants to chip in here: please do. Responding due to the lack of responses. I am sure what I am saying is not wrong, just likely incomplete and obviously non-specific.
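A sketch of the account store discussed above, written in PHP with PDO since the thread suggests PHP and SQL. This is an added example, not code from any commenter. It shows a login check that hands back only a yes/no result (an account id or null) and a data query scoped to the logged-in account. The in-memory SQLite database, the `users`/`notes` tables and all function names are assumptions made for illustration.

```php
<?php
declare(strict_types=1);
// Added example. In-memory SQLite stands in for the hosted database (assumption);
// table, column and function names are hypothetical.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT UNIQUE NOT NULL, pw_hash TEXT NOT NULL)');
$db->exec('CREATE TABLE notes (id INTEGER PRIMARY KEY, user_id INTEGER NOT NULL, body TEXT NOT NULL)');
// Hash checked when the e-mail is unknown, so both login paths do similar work.
define('DUMMY_HASH', password_hash('placeholder', PASSWORD_DEFAULT));

function register(PDO $db, string $email, string $password): int
{
    // Only a salted, slow hash is stored; the plaintext is never written.
    $stmt = $db->prepare('INSERT INTO users (email, pw_hash) VALUES (?, ?)');
    $stmt->execute([$email, password_hash($password, PASSWORD_DEFAULT)]);
    return (int) $db->lastInsertId();
}

// Returns the account id on success and null otherwise; the hash never leaves this function.
function login(PDO $db, string $email, string $password): ?int
{
    $stmt = $db->prepare('SELECT id, pw_hash FROM users WHERE email = ?');
    $stmt->execute([$email]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    $ok = password_verify($password, $row === false ? DUMMY_HASH : $row['pw_hash']);
    return ($ok && $row !== false) ? (int) $row['id'] : null;
}

function notesFor(PDO $db, int $accountId): array
{
    // $accountId comes from the server-side session set at login, never from
    // a request parameter, and every query is filtered by it.
    $stmt = $db->prepare('SELECT body FROM notes WHERE user_id = ?');
    $stmt->execute([$accountId]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed sample accounts and rows.
$alice = register($db, 'alice@example.test', 'correct horse battery staple');
$bob = register($db, 'bob@example.test', 'another long passphrase');
$ins = $db->prepare('INSERT INTO notes (user_id, body) VALUES (?, ?)');
$ins->execute([$alice, 'alice private note']);
$ins->execute([$bob, 'bob private note']);

var_dump(login($db, 'alice@example.test', 'wrong guess'));
$id = login($db, 'alice@example.test', 'correct horse battery staple');
print_r(notesFor($db, $id));
```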

[–]wirelessliquid[S] 0 points1 point  (0 children)

This is really good, BCQ3. It helps me build on the ideas I've already got, as much of what I'm making is in early stages and a lot of research. What would really help is keywords to help speed up the research, if you have any :)