Hobbyist_PHPer Posted June 14, 2012 Share Posted June 14, 2012 MySQL client version: 5.1.63 Hello everyone My question is this, I have a database that is not only the backend database for my SAAS type application, but is also the database for all transactions for multiple sites... currently those sites are hosted on my dedicated server, and don't have ftp access to see the database connection information, but in the real near future I'm going to have to figure out a way for sites that are not hosted with me, that have their own ftp access, to be able to connect to the database... How can I do that without compromising the security of the database? I have a few ideas, not sure if they are sufficient or viable though... create a new mysql user for each website/user, give them only CRUD privileges, require that they have a dedicated IP address for their website so that I can add that IP address to a list that can remotely access the database... That's about all I have unless there's a way to say that a particular mysql user can only access records that have their ID in the tables... Quote Link to comment Share on other sites More sharing options...
fenway Posted June 16, 2012 Share Posted June 16, 2012 Well, you can do all sorts of fancy things with views and permissions. But are you talking about letting a remote application connect to your DB directly? Sounds like a bad idea. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.