
Imagine an architecture composed of 2 Virtual Machines VM1 and VM2 hosted somewhere in the cloud:

  • VM1 is dedicated to a Web Front End (Apache/PHP)
  • VM2 is dedicated to a MySQL server
  • VM1 and VM2 are located in the same hosting company

It means that there is traffic between VM1 and VM2 composed of queries/results. As this traffic occurs in a VM hosting farm out of my control, I guess that somebody can be a "man-in-the-middle" to analyze this traffic.

My question: in this context, how can I guarantee the security/privacy/integrity of the MySQL transactions between VM1 and VM2?

As far as I know, there is no privacy option in mysqli_connect.

Thanks for your help

::Guillaume::

gdorbes
  • Only someone who works for the hosting company could be the man in the middle, and they have access to the data anyway. –  Jun 19 '12 at 04:32
  • Why are they supposed to have access to the data, if I am root user on both VMs? I thought that being root on Unix with the right level of security was enough. Am I wrong? – gdorbes Jun 19 '12 at 12:19
  • "could" sounds like you're trying to solve a non-existent issue. Using SSL won't protect you from rogue workers at the host, nothing will. –  Jun 19 '12 at 20:02
  • Could you elaborate why? – gdorbes Jun 20 '12 at 13:48
  • Both machines are in the same building, traffic between them won't leave the building, so the only man in the middle is staff there, who have physical access to the hardware anyway. –  Jun 20 '12 at 19:50
  • @gdorbes to answer your question, they'd have access to your hard drive and could clone it for a simple example. – StackOverflowed Aug 10 '13 at 09:06

1 Answer


Use an SSL connection to the MySQL server.

You can do this in MySQL using mysqli_ssl_set.

You will have to configure your MySQL server to accept SSL connections too.

Refer: PHP to MySQL SSL Connections

nunespascal
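A client-side sketch of the approach in the answer above, added here as an example and not part of the original answer: it connects from VM1 with mysqli_ssl_set and then checks that the session really is encrypted before using it. The function name `connect_encrypted`, the host name, credentials and CA file path are hypothetical placeholders.

```php
<?php
// Added example. Host, user, password, database and CA path are placeholders.
mysqli_report(MYSQLI_REPORT_OFF); // report failures through return values

function connect_encrypted(string $host, string $user, string $pass,
                           string $db, string $caFile): mysqli
{
    $link = mysqli_init();
    if ($link === false) {
        throw new RuntimeException('mysqli_init failed');
    }

    // No client key or certificate (null): only the CA file that the
    // server's certificate is checked against.
    mysqli_ssl_set($link, null, null, $caFile, null, null);

    // MYSQLI_CLIENT_SSL requests an encrypted session during the handshake.
    if (!mysqli_real_connect($link, $host, $user, $pass, $db, 3306, null,
                             MYSQLI_CLIENT_SSL)) {
        throw new RuntimeException('connect failed: ' . mysqli_connect_error());
    }

    // Do not assume encryption was negotiated: an empty Ssl_cipher value
    // means the session is in clear text.
    $res = mysqli_query($link, "SHOW SESSION STATUS LIKE 'Ssl_cipher'");
    $row = $res ? mysqli_fetch_assoc($res) : null;
    if (empty($row['Value'])) {
        mysqli_close($link);
        throw new RuntimeException('session is not encrypted, refusing to use it');
    }
    return $link;
}

// Usage with placeholder values (VM1 connecting to the MySQL server on VM2).
try {
    $db = connect_encrypted('vm2.example.internal', 'webapp',
                            'placeholder-password', 'appdb',
                            '/etc/mysql/ssl/ca.pem');
    echo "encrypted session established\n";
} catch (RuntimeException $e) {
    error_log($e->getMessage());
}
```

On the server, the account used by the web front end can also be defined with `REQUIRE SSL`, so that MySQL itself refuses any unencrypted login for it.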