Jump to content

Recommended Posts

Hey,

For security purposes i need to place the username and password for my mysql database somewhere where they can't be found...

 

i've tried placing them above the root directory but not all hosts allow this so i get a "open_basedir restriction in effect" message.

 

i've read in the o'reilly php cookbook that setting them as environment variables is one of the best way to go...

 

but i'm on a shared server so i dont have access to the httpd.conf file to do this...

 

does anyone know what i could do?

Link to comment
https://forums.phpfreaks.com/topic/63333-hiding-database-username-and-password/
Share on other sites

well if you are storing the passwords in a publicly accessible file, if it is .php or some other server compiled language then when someone tries to read it they will just see a blank file.

 

on my host i use a shared server as well, but still there is a WWW directory and i just put all the password files outside this section for extra security.

 

if you cannot do that you could try other things like making a special subdirectory to hold the password files, and use .htaccess to protect that.

I just make a file called mysql_connect.php that stores all the database info and put that outside the public_html folder. Then when you try to add, remove, or edit a pass/user you just call that file when you want to connect

 

<?php
	require_once('../mysql_connect.php');

and so on.

 

.htaccess would work too

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.