Geek Answers Handbook

How to protect mySQL connection string in PHP?

I know the rule: never write down your password, and I saw this question here that explains what with Java and mySQL, but I don’t know what to do for PHP and mySQL.

The current connection string is as follows:

<?PHP $DBName = "dbName"; $Host = "localhost"; $User = "dbUser"; $Password = "Yikes_hardcoded_PW"; $Link = mysql_connect( $Host , $User , $Password , $DBName); if (!$Link) { die('Could not connect: ' . mysql_error()); } ?>
  • but I need the password to be protected, i.e. was not hardcoded in this file. How can I do it?

EDIT: For all the downvotes that I get from this, I still have not received an answer to a question regarding a genuine security issue - hardcoded passwords. It is inappropriate to vote on a genuine question without publishing any comments or answers that answer this question.

+7
source share
6 answers

Save your configurations to another file.

 $DBName = "dbName"; $Host = "localhost"; $User = "dbUser"; $Password = "Yikes_hardcoded_PW";

Setting git to ignore this configuration file.

+1
source

You will have to write down the password somewhere else. Even if you want to use DSN, you will have to hard-code the password in the DSN string. As I can see, I can’t get away from hard-coding a password.

So the question boils down to what you can do to protect the file / line containing the password. Setting the correct file system permissions for the file containing the password and setting the correct open_basedir value is what you can do. As mentioned in one of the posts in What is the best way to protect the database connection string? You may also consider using an encrypted partition.

The link that you posted in your question, as I understand it, talks about desktop applications. And there are too few desktop applications in PHP to seriously think about protecting database passwords for php desktop applications.

+1
source

I also do research on this topic. File resolution is one strategy, but there are so many vectors.

But let's say in one scenario you have FTP or SSH access to the server, and someone compromises the FTP input. This login is the same as the public_html user folder. This person could view and read these files. To a large extent, this is a bad thing. However, you can have a configuration on the system where you put the user in jail only in your home directory.

Perhaps then you could create a .private folder one level outside of this user's home directory. Then, in php files for this user, who has his own scripts in public_html, there is a connection file that exists in the .private folder (../../. Private / connect.php, for example).

I do not know if this will work if the user is imprisoned, but this view seems safe through an obscure thing.

+1
source

Based on what Cajus Kuinzinas escaped ... Consider having a limited database that stores application credentials. When your application is initiated, execute the query using a read-only account that can look up credentials in the actual application database.

To make it more secure, the value stored in the search database does not have to be a full password. Your application can use this value along with the salt to generate a real password. In addition, you can cache this in memory, if you wish, to reduce future hits.

+1
source

There is no need to encode credentials in the configuration file.

For a project with a source version, you should consider creating a configuration template with placeholders for any credentials that you submit to your repository.

In any deployment, you must then modify these placeholders so that they perform credential checking in real time. It will also help anyone who uses your project if you intend to open it.

Updated (to answer the question)

The database configuration really should be in plain text, hard-coded into a PHP file, however you can make sure that it is more secure:

  • Check your Apache configuration. open_basedir restricts other instances of vhost from access files outside their web root.
  • Check the file system permission to ensure only apache and your user can access the file
  • Make sure your mysql user is set only for reality from the localhost context, i.e. grant all privileges on mydatabase.* to myuser@localhost etc.
  • Using a firewall to block external connections to mysql
-one
source

There is no reason to hide your MySQL password. Just restrict access to the database from the remote host. In addition, you can set the default MySQL user without a password for this particular project / host / database / action.

To answer your question directly, there is no way to fabricate a password.

-2
source

More articles:


All Articles