All farmerswife cloud servers are hosted at Leaseweb, Hetzner or AWS (unless otherwise noted), across multiple regions to get as close to the client location in order to maximise the speed between the clients and the servers.
Architecture
The diagram shows the connection between clients and their server:
The communication between the farmerswife server and the farmerswife desktop client and API port are encrypted with our own self signed certificate by default. The web and mobile client use HTTP instead of HTTPS as the self signed certificate is flagged as insecure by all major browsers. In case you need HTTPS you will need to provide your own DNS name ( farmerswife.example.org ) and the certificate.
A different approach would be the use of a reverse proxy as shown in the below diagram:
This proxy approach is available to those clients who want to invest in extra security as all the communication (both TCP and HTTP) will be encrypted with our own farmerswife.com wildcard certificate. The only downside would be that it will only be accessible using the provided company-name.farmerswife.com subdomain and not the IP address.
Backups
On each farmerswife server there is a full backup process every day. There is also a db save backup every 15 min to minimise the loss of data.
Security
All servers are protected by firewalls that allow connection to the farmerswife ports from everywhere. The other maintenance ports are only accessible to farmerswife allowed IP's.
We can also configure this aspect to only allow certain IP's to the farmerswife server, for example to your company's premises or your VPN's IP's.
Maintenance
When the support department needs to do some debugging to solve any issue you may encounter they will send a copy of your farmerswife database to one of our servers to use for troubleshooting. This backup is encrypted with our own proprietary encryption technology and sent through a secure connection.
Once the support agent finishes debugging they delete that backup. As a note every laptop used by our support department uses disk encryption and they are password protected.