with point 2&5 many people use their own home computers or another remote server, that does the checking and then sends a 'payment sent' to the database on customer facing website server. plus updating the customer facing website database with fresh public keys, making the home/remote server the brains of the operation and the customer facing webserver. just a GUI input viewer
hmm, ok, so i setup a rasberry pi with bitcoind and it just sits there and polls my public webserver from a private ip. er? ok guys, i'm brain farting on this whitelisting/polling/bitcoind part, which i have never used before.