I have a website developed in PHP. There are 2 classes (in 2 separate PHP files) that contain the site admin's Gmail user id and password (in plain text) and database password (again in plain text). None of these classes are displayed in the browser (like index.php). These files contain only PHP classes and no HTML code, and the references to those plain text passwords are only through objects of those classes. Of late, I have started to wonder if this is secure enough? I have tried my best (acting as a malicious person) to read the contents of the two said PHP files but was not able to do so. I am not very conversant with developing secure code, so I am not sure what my approach should be to make sure that these passwords never get exposed. Could anyone please suggest best practices to develop PHP code that can contain such sensitive information securely.
3 Answers
- Put configurable items in a separate configuration file, above your public web directory
- Make sure you have set correct file permissions to your files
- Check your web application for local (and remote) file inclusion
- Have your server up-to-date
Having your passwords at a safe spot is not the complete solution, you'll need to have your complete PHP application secure, and nobody unauthorized should be able to get root/administrator access to the server.

You could also `unset()` sensitive information after you've used it, just to prevent it from accidentally leaking from a forgotten `var_dump()`. – Matthew Sep 20 '10 at 09:13
+1, except if you have RFI/LFI and it's a PHP file then it will just be executed again, and not printed. On the other hand MySQL FILE privileges or a more generic directory traversal could be used to read it. – rook Sep 20 '10 at 16:51
Don't store passwords in files, because someone will eventually check that file into source control. Or someone will set a permission incorrectly.
- Run the application with its own O/S user account
- Put the passwords in an O/S environment variable for the application user (not a system environment variable)
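The two answers above (a config file above the public web directory with correct permissions, and secrets in the application user's environment) can be combined in one small loader. This is an added example, not code from the question or either answer; the file path, INI format and key names are assumptions.

```php
<?php
// Added example, not from the question or answers. Secrets come from the
// application user's environment first and otherwise from an INI file kept
// outside the web root that no other account can read. Paths are assumptions.
final class SecretStore
{
    /** @var array<string,string> */
    private $secrets = [];
    public function __construct(string $configPath, string $docRoot)
    {
        $cfg  = realpath($configPath);
        $root = realpath($docRoot);
        if ($cfg === false) {
            return; // no file present: rely on the environment only
        }
        $rootPrefix = rtrim((string)$root, '/') . '/';
        if ($root !== false && strncmp($cfg, $rootPrefix, strlen($rootPrefix)) === 0) {
            throw new RuntimeException('secrets file must not be under the web root');
        }
        // Mask 0077: any group/other bit set means another account can read the file.
        if ((fileperms($cfg) & 0077) !== 0) {
            throw new RuntimeException('secrets file is readable by other users; chmod 600 it');
        }
        $parsed = parse_ini_file($cfg, false, INI_SCANNER_RAW);
        if ($parsed === false) {
            throw new RuntimeException('cannot parse secrets file');
        }
        foreach ($parsed as $k => $v) {
            $this->secrets[(string)$k] = (string)$v;
        }
    }
    /** The application user's environment wins over the file. */
    public function get(string $name): string
    {
        $env = getenv($name);
        if ($env !== false && $env !== '') {
            return $env;
        }
        if (!isset($this->secrets[$name])) {
            throw new RuntimeException("missing secret: $name");
        }
        return $this->secrets[$name];
    }
    /** Drop a secret once used so a forgotten var_dump() cannot print it. */
    public function forget(string $name): void
    {
        unset($this->secrets[$name]);
    }
}
```

The environment only helps if it actually reaches PHP: under php-fpm that means per-pool `env[...]` entries for the application user's pool rather than a system-wide profile.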
Firstly, I'd look at using OAuth for accessing GMail if at all possible - it means you don't have to store credentials at all, and provides some level of protection in case your server does get compromised.
I would also look at the answers to this question.
Finally, if your site is on the public internet, it's worth reading up on at least the basics of internet security, and especially securing web applications. There are all sorts of ways things can go wrong. I like the "Hacking Exposed" books.