I’m trying to find a way to fit Matomo into our company architecture principles from InfoSec.
Rather than have the app and db on the same Public facing web server as default, is there any way to setup Matomo so the web application is running on one server but the database is running on another?
Therefore, with some basic DMZ principles we can secure the data on private servers
Just to clarify though, can the MySQL database be on a different server to the Matomo Web application? In my head the piwik.js data collection function sits on a DMZ webserver, along with the web app code, but the data get channeled to a database sat on another server behind the firewall (with a bit of port configuration).