Domains Supporting Rock Hosting Internal Hosting

Configure a Two-Server Environment

If you were looking at the system requirements in this guide's introduction, you might have noticed that there is a two-server configuration for larger installations. Even for smaller installations, we recommend two servers for the following reasons:

  • Performance: Having your Rock Database and Web Environment on separate servers means they won't be sharing resources and will be able to perform at a higher capacity.
  • Security: If you plan to use a public website with Rock, you can put the web server in a DMZ for added network security. Setting up a DMZ is outside the scope of this guide, but if this is something you plan on pursuing, reach out to the Rock community.
  • PCI Compliance: PCI Requirements in the U.S. require that if you are taking or storing financial information through your website, your database must be separate from your web host.

It's All in the Details

The process for setting up a two-server environment is not that much different from the single-server setup described in this guide. Here is a high-level task list for each server:

Database Server

  • Install & Configure SQL Server

Web Server

  • Install the required Server Roles and Features
  • Configure Internet Information Services (IIS)
  • Point Rock at the database server during installation

Be sure to check out the rest of the Rock guides and manuals to help you get started.

Self-Installing Rock

If you're installing Rock and SQL Server on separate VMs or servers yourself, in your own network (not in Azure), then port 1433 should only be open to the Rock server. This is so Rock itself can talk to the SQL db. In this setup your self-hosted SQL server should not be NATed (exposed via a public IP) to the Internet at all. It should be internal to your network with only Rock (and perhaps a dev machine) allowed to talk to it.

To do this, open the firewall rule you created in the Installing & Configuring SQL Server chapter above. Under the Scope tab, add the IP address of your Rock web server to the Local IP address if it's on your internal network, or to the Remote IP address section if it is external to your network. No other ports need to be open if the database is external to the network (i.e., on another external server).

Install Rock Azure Hosting