Geek Answers Handbook

Password / trade secret algorithms: are they safe in php files?

My site was created using php files. In these files I use secret secret algorithms and my root password for my database is also stored in these php files. My database is used to store the private medical data of many clients.

Whether this is considered a safe setting; can anyone download the php source from my web server and therefore access my mysql root password?

I am running apache 2.0 and php 5, on ubuntu 8.04 and mysql 5.

thanks.

+4
source share
7 answers

If you store medical data in the United States, you are subject to specific, stringent safety requirements . Other countries may have similar provisions.

Not being an expert, I seriously doubt that you will conduct a security audit using the setup you described. Firstly, having a root password anywhere in plain text is bad practice. Keeping any confidential data (for example, medical records) in unencrypted form invites any hacker who can infiltrate your site to help himself in the data. I suspect that HIPAA has specific requirements for providing all medical information and information for patient identification.

This is a serious matter that could expose your company to serious responsibility.

+6
source

Your server is as secure as your server’s weakest point.

If someone compromises a weak password for an account that may be able to read this file - then yes, now they have their own root password. If you are mistaken in your code (or use someone else's code / program with such an error / "function"), then this may also compromise it - and yes, both HAVE and DO situations occur.

So, as a basic precaution, create a specific account for this application, which is limited to access this application. If it is compromised, it is not so useful.

Of course, the root password is the worst thing you can choose. A security audit ensures that it is an instant failure.

+6
source

In a relationship

Yes, it is possible for your php source to “leak” (delivered as the text that it is, instead of executing) if your web server is somehow incorrectly configured.

A good precaution is to place all PHP files (except the bootstrap / index file) outside of public_html / htdocs / www or any directory.
You can use something like ZendGuard.
You can simply decide to compile sensitive data as a PHP extension (basically, only constants).

Just keep in mind that there is no such protection as 100%.

+3
source

Yes, your php source may be "leaked" (delivered as the text that it is, not executing) if your web server is somehow incorrectly configured.

A code leak due to an incorrect web server causing php pages to be delivered instead of completed occurred with facebook in 2007 .

+1
source

Just out of curiosity, are you familiar with Google Health ?

0
source

If you are a protected trademark, then it is best to encrypt it along with any passwords that you store.

This ensures that even if someone goes to your system, they cannot reach him.

You can do one of two things: one special password-protected page in which you can insert a private key for a public / private key pair with an encrypted symmetric key.

This ensures that if you do not have the correct private key, you cannot get to the symmetric key.

The private key can be stored on a usb flash drive, so you can delete it after pasting it on a special web page.

The symmetric key will be read immediately after completing this form and store it in a global variable so that any page in the application can use it.

The private key will be cleared immediately after use to limit the likelihood that it was written to the hard drive.

This system is not entirely perfect, but should be able to pass a security audit and protect your information from any successful attack by a hacker.

0
source

Create a mysql user for each application and give this user the minimum number of privileges necessary for proper operation. In most applications, you only need to select, update and delete. http://en.wikipedia.org/wiki/Principle_of_least_privilege

Your mysql root user has special privileges as superuser. Say that you have reached the maximum connection limit. MySQL always reserves the last connection for the superuser so that you can get there and administer the box, kill connections, etc.

If you use root in your web application, you can lock your own database.

0
source

More articles:


All Articles