GD77 Posted April 1, 2013 Share Posted April 1, 2013 How safe is to rely on codeigniter own encryption key..?If you used encryption key do you have to encrypt the config.php file? Any ideas aside from storing the key into the db then loading it to the config.php which in turn might pose a bit of performance issue but still might be better solution... Quote Link to comment https://forums.phpfreaks.com/topic/276375-codeigniter-security-safety/ Share on other sites More sharing options...
Mahngiel Posted April 1, 2013 Share Posted April 1, 2013 Why would you imagine you'd need to encrypt the config file? If somebody has access to your server files, they wouldn't need to know your encrypt key to access the information that would be encrypted anyway. I think your paranoia has blinded your thought process. Quote Link to comment https://forums.phpfreaks.com/topic/276375-codeigniter-security-safety/#findComment-1422273 Share on other sites More sharing options...
GD77 Posted April 2, 2013 Author Share Posted April 2, 2013 (edited) Ya I agree I am a bit paranoid though I still think it s a good Idea if you store the encryption key in the db and encrypted since most of us are on reseller or web hosting servers.. About encrypting the config file!!! many times I had access to web servers either for new web making or editing and like everyone you ll have access to all users 's files on that server... this is my main concern... Edited April 2, 2013 by GD77 Quote Link to comment https://forums.phpfreaks.com/topic/276375-codeigniter-security-safety/#findComment-1422410 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.