1

I have been wondering , im in process of finishing a website , and i am not sure how to secure my database login and password , is it okay to declare these via PHP variables inside php.ini file ? Is there a more suitable way? Also all my documents are now written using localhost , root , "" . I would like to only switch these values for variables , but i am not sure where to declare these , to stay secure. Thanks for any answer .

Anirudh Ramanathan
  • 46,179
  • 22
  • 132
  • 191
Slytherin
  • 474
  • 3
  • 17
  • 1
    You can't really hide the information you need to pass to other processes! That's the same situation when someone wants an image on a website to be 100% non-copyable. – ComFreek Nov 13 '12 at 16:35
  • Possible duplicate of: http://stackoverflow.com/questions/97984/how-to-secure-database-passwords-in-php – Lynn Crumbling Nov 13 '12 at 16:55

3 Answers3

2

The approach @Cthulhu describes is commonly applied, also in frameworks like CakePHP or Symfony.

Even if you're storing the configuration in a .php file in the webroot it won't be an immediate security hole by its own right: If your webserver is configured correctly it will always parse that file using PHP and then send the output created by PHP.

Anyway, you'd be better off securing your server as a whole. Making sure your database does not accept connections from the outside world would be a good place to start if you haven't done so already. Protecting your webroot against other protocols (e.g. ftp) would be a next step. Finally, preventing unauthorized people from logging in to your server (where they could connect to the database locally) is a must anyway.

domsom
  • 3,163
  • 1
  • 22
  • 27
1

You could make a single php, containing

$username = ..
$password = ..
$db_host = ..

etc.

Then include it using include_once('database_config.php') wherever you want to use it. It will make it easy to modify later, if you wish to.

This file could be kept outside the HTML root of your website, or secured further using .htaccess rules

Anirudh Ramanathan
  • 46,179
  • 22
  • 132
  • 191
  • Some people even advocate having this file outside the webtree (i.e. if your website is in `~/public_html/` then there's nothing wrong with having the `dbconfig.php` in the `~/` directory - PHP will still be able to read it). Someone more knowledgeable than me might be able to say whether this is actually a good idea or not... – ChrisW Nov 13 '12 at 16:37
  • @LynnCrumbling The variables not being in clear-text will just be extra-overhead right?. In the end, they have to be passed in clear-text to the database server. – Anirudh Ramanathan Nov 13 '12 at 16:40
  • 2
    @LynnCrumbling They should be clear text. Security doesn't happen at this level. Any attempt to obfuscate them is going to be trivially easy to reverse. If somebody can read this file, they can read *all* your files and easily figure out how they are encoded. – user229044 Nov 13 '12 at 16:47
  • Um, no it doesn't. Not at all. You should never put your credentials into source control, "encrypted" or otherwise. You're storing your "encrypted" credentials right next to the code to *decrypt them*. This is not security. You should be including a stub config file with *no* credentials in it in version control. You should be populating this config file with real details on your production server. Those details should *not* be committed to your version control system. – user229044 Nov 13 '12 at 16:55
  • 1
    Yeah. Source control wouldn't contain the credentials at all. Encrypting them at the server IMO provides no better security, just adds overhead. – Anirudh Ramanathan Nov 13 '12 at 16:56
1

Using environment variable in .htaccess is another method to store password securely.

SetEnv MYSQL_DATABASE_HOSTNAME hostname

SetEnv MYSQL_DATABASE_USERNAME username

SetEnv MYSQL_DATABASE_PASSWORD password

It is better to store password with any encrypt and decrypt method.

vellaidurai
  • 45
  • 7