I have a system with two databases, one that the customer-facing website uses, the second that is used by the "backroom" order-fulfillment system. I've been asked to run queries from the website to the backroom system. I'd rather not; it seems risky to allow web-based requests to run unheeded on the internal system. Additionally, this means opening up routing in the firewall to allow external connections to the internal server.
What's the best practice for eCommerce? Run the entire company off of one database? Or individual databases for each system, and middleware to connect them?
Sometimes it might be necessary for the web application to pull data from the internal system, but not based on an HTTP request from the internet.
I'm sure the best answer is "it depends!" So, if people have a rule of thumb for when to use middleware and when not to, I'd like to hear it.