Another possibility is that a cracker could get into one of the web developers' workstations and crack the web server from there (assuming the web developers have FTP access or something similar).
Most of the web environments I've worked with have what's called a "DMZ" which would make this impossible. Basically you have this:
The internal firewall wouldn't accept connections at all from the webserver or the internet and would only allow outgoing connections from the internal network (and you could limit those so they were only to the webserver).
Sure this wouldn't allow Internet access for staff. You could have a proxy box within a separate DMZ (so compromising one DMZ wouldn't compromise both) which would have an external firewall that doesn't accept incoming connections except as a response to outgoing connections, and only on port 80, and the internal firewall would only allow connections as a response to connections from within the internal network again on port 80.
This way you never have the Internet talking to the internal network, there's always an intermediary.
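The two-firewall, two-DMZ layout described in the comment above, replayed as a small stateful-policy model. This is an added example, not code from the poster; the zone names (internet, web_dmz, proxy_dmz, internal), the rule table and the traffic scenarios are assumptions chosen to match the comment's description, where each firewall admits a new flow only if a rule opens it and otherwise passes only packets belonging to, or replying to, a flow it already admitted.

```python
from dataclasses import dataclass
@dataclass(frozen=True)
class Packet:
    src: str    # zone the packet comes from
    dst: str    # zone it is going to
    sport: int
    dport: int
# Rules allowed to open a NEW flow: (src_zone, dst_zone, dport); None = any port.
# Zone names (internet, web_dmz, proxy_dmz, internal) are assumed for this model.
POLICY = {
    "external_fw": {("internet", "web_dmz", 80), ("proxy_dmz", "internet", 80)},
    "internal_fw": {("internal", "web_dmz", None), ("internal", "proxy_dmz", 80)},
}

class StatefulFirewall:
    def __init__(self, name):
        self.rules, self.flows = POLICY[name], set()   # flows: (src, dst, dport)
    def allow(self, p):
        if (p.src, p.dst, p.dport) in self.flows or (p.dst, p.src, p.sport) in self.flows:
            return True   # packet of an admitted flow, or the reply to one
        for src, dst, port in self.rules:              # otherwise consult the policy
            if (src, dst) == (p.src, p.dst) and port in (None, p.dport):
                self.flows.add((p.src, p.dst, p.dport))
                return True
        return False

class Network:
    # internet | external_fw | web_dmz, proxy_dmz | internal_fw | internal
    def __init__(self):
        self.fw = {n: StatefulFirewall(n) for n in POLICY}
    def send(self, p):
        path = [n for n, z in (("external_fw", "internet"), ("internal_fw", "internal"))
                if z in (p.src, p.dst)]
        if p.src == "internal":          # traverse firewalls in the order they are met
            path.reverse()
        return all(self.fw[n].allow(p) for n in path)

def run_scenarios():
    """Replay the comment's claims; True means the packet gets through."""
    net, r = Network(), {}
    r["internet->web 80"] = net.send(Packet("internet", "web_dmz", 40000, 80))
    r["web->internet reply"] = net.send(Packet("web_dmz", "internet", 80, 40000))
    r["internal->web ftp"] = net.send(Packet("internal", "web_dmz", 40001, 21))
    r["web->internal"] = net.send(Packet("web_dmz", "internal", 40002, 22))   # compromised server
    r["internet->internal"] = net.send(Packet("internet", "internal", 40003, 22))
    r["internal->proxy 80"] = net.send(Packet("internal", "proxy_dmz", 40004, 80))
    r["proxy->internet 80"] = net.send(Packet("proxy_dmz", "internet", 40005, 80))
    r["internet->proxy reply"] = net.send(Packet("internet", "proxy_dmz", 80, 40005))
    r["internet->proxy unsolicited"] = net.send(Packet("internet", "proxy_dmz", 40006, 80))
    return r
```

The model is deliberately coarse (zones rather than addresses, no timeouts), but it shows why a webserver compromise stays in its DMZ: no rule on internal_fw has the webserver or the internet as a source, so only replies to flows the internal side opened ever cross it.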