First of all, if there is an exact duplicate, I did not find anyone, so I apologize if the answer has already been provided.
I will talk about the problem that I encountered, hoping that I get some idea or a direct answer "impossible."
How to protect database credentials in a web application if the server on which PHP is compromised? Suppose that in this case we are not talking about shared hosting, VPS or anything else, there is only one person who has access to the box in which the MySQL data is stored.
The MySQL server itself is located in another (remote) field and allows connections only from a range of IP addresses (tied to the PHP core).
How to ensure that an attacker cannot get the information needed for the connection string for MySQL? Suppose the user has violated the root login in the Linux box where PHP is running.
What steps will you take to ensure maximum security in terms of access to the information necessary to establish a MySQL connection in this case?
Thanks for reading and commenting in advance.
source
share