I’d like to suggest separating the DT web server and porting it to FreeBSD/Linux or providing an interface module or script for use w/Apache etc. so that the front-end server component could be run on a remote web host or VPS. The Mac running DTPO would maintain a connection (that it would initiate) to the remote front-end webserver and handle submitted queries as a backend, but would not have to run a web server itself or accept inbound web traffic. DTPO would just do the lookups and return the results/requested content to the server for display.
This would greatly simplify allowing remote access to DT without having to forward publicly accessible ports directly to one’s personal computer (not to mention helping with uncooperative NAT and problems with dynamic IPs or multiple locations.) I know its currently possible to do something like this by using the webhost as a proxy (and to provide authentication that way) but I’d prefer to avoid running the full webserver directly on the local mac at all (which still has to be done even when proxying.) This way all connections from the internet would be to the webhost, and the Devon server/interface there would be limited to submitting queries to the Mac running DTPO, limiting the potential damage of any security compromises (and making it possible to have a centralized web server at a stable address even if the user is moving between different connections/locations or using multiple, synchronized machines.) Users with the know—how could setup the connection between the Mac and the remote server to be through an SSH tunnel (or perhaps that or some other form of encryption could be built in.)