Jump to content

Security Issues


dcyuri7

Recommended Posts

I'm new to mysql/web interaction, but I keep getting the feeling that it is in some way "hackable". I mean... the username and password to access the db on my site are directly placed within the .php file that uses the data.

Does anyone have any tips or reccomendations as far as security with access goes?
Link to comment
Share on other sites

The MySQL server should only be accepting connections from your web server. This is part of MySQL's user management. If you do not own the server, ask the owner to secure it for you.

That way even if someone knows the user name and password, he still can't get in. Also it should be fairly difficult to get access to your PHP source. An attacker would have to get into the web server first.
Link to comment
Share on other sites

Agreed -- anything on the server is only as secure as your FTP/SSH passwords, depending on how you access it. And typically, MySQL will only allow localhost connections. If you're on a shared host, they usually only have a single MySQL server running, but their pretty good about keeping access to you DB limited to your account (though it might be possible to see the name of your DB).
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.