
What permission do I need on these scripts so that website users get functionality but cannot read the password in the script?

  • Your db config is in a .inc file? Commented Jun 9, 2011 at 18:56
  • As long as your server doesn't ever accidentally serve your PHP script in plain text... Commented Jun 9, 2011 at 18:56
  • Also, I don't understand how to approve a good answer... I want to give people credit, but I don't know what button to press or whatever... this website is confusing Commented Jun 9, 2011 at 18:56
  • Boltclock... are you saying that php script is never readable to outside users??? if so, then I have no problem. Commented Jun 9, 2011 at 18:57
  • @Timtam: If that's how you have configured your webserver. Best to never store passwords in scripts, though. Just in case. Commented Jun 9, 2011 at 18:58

4 Answers


It is a good idea to store the configuration files outside of the document root in case your webserver or php fails and spits out raw text (note: This is highly unlikely).

However, users navigating to your website will not normally be able to read the contents of your PHP scripts.


4 Comments

Not as unlikely as all that — look at what happened to Tumblr recently
Good point. Which is why it's always a good idea to store anything sensitive outside of the document root, where they can be exposed under certain circumstances.
Good answer. You should always keep at least the config files, and preferably most of your code, outside your document root.
Also looks like this issue has already been answered multiple times... basically a duplicate ticket... I'll try not to create those in the future
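The layout the answer and its comments recommend, as an added example that is not part of the original answer: the credentials live in a file outside the document root, the PHP code that includes it asserts at runtime that the file really is outside the served tree and is not world-readable, and the permission the question asks about is set on the file itself (owner the deploy user, group the PHP worker's group, mode 640). The directory names, the config keys and the PDO DSN are assumptions for the example.

```php
<?php
// Added example (not from the original answer): load database credentials
// from a config file that lives outside the web server's document root.
//
// Assumed layout (all names hypothetical):
//   /var/www/example.com/htdocs/index.php   <- served by Apache
//   /var/www/example.com/config/db.php      <- not reachable by any URL
//
// The config file only returns an array, so it holds no logic at all:
//
//   <?php
//   return ['dsn' => 'mysql:host=localhost;dbname=app', 'user' => 'app', 'pass' => 'secret'];
//
// Permissions on that file answer the question in the title: readable by the
// deploy user and by the PHP worker's group, nothing for "other":
//   chown deploy:www-data /var/www/example.com/config/db.php
//   chmod 640             /var/www/example.com/config/db.php

declare(strict_types=1);

/**
 * True if $path is NOT inside $documentRoot, i.e. it cannot be requested
 * over HTTP even if the web server misbehaves. Both paths are canonicalised
 * with realpath() so symlinks and ".." segments cannot fool the check.
 */
function isOutsideDocumentRoot(string $path, string $documentRoot): bool
{
    $real = realpath($path);
    $root = realpath($documentRoot);
    if ($real === false || $root === false) {
        return false; // an unresolvable path is treated as unsafe
    }
    $root = rtrim($root, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    return strncmp($real, $root, strlen($root)) !== 0;
}

/**
 * Load the credentials array, refusing to continue if the file sits inside
 * the document root or is readable by everyone on the machine.
 */
function loadDbConfig(string $configPath, string $documentRoot): array
{
    if (!isOutsideDocumentRoot($configPath, $documentRoot)) {
        throw new RuntimeException("Refusing to load $configPath: it is inside the document root");
    }
    $mode = fileperms($configPath);
    if ($mode === false || ($mode & 0004) !== 0) {
        throw new RuntimeException("Refusing to load $configPath: it is world-readable (chmod 640 it)");
    }
    $config = require $configPath;
    foreach (['dsn', 'user', 'pass'] as $key) {
        if (!isset($config[$key])) {
            throw new RuntimeException("Config key '$key' missing in $configPath");
        }
    }
    return $config;
}

// Usage from a script inside htdocs/: the config path is derived from this
// file's own location, never from request input.
$config = loadDbConfig(__DIR__ . '/../config/db.php', $_SERVER['DOCUMENT_ROOT'] ?? __DIR__);
$pdo = new PDO($config['dsn'], $config['user'], $config['pass'], [
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
]);
unset($config); // do not leave the password in a global that a stray var_dump() would print
```

The runtime checks do not replace the layout; they turn a misconfiguration (someone moving the file under htdocs, or a chmod 644 during a deploy) into a visible failure at the first request instead of a silent exposure.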

Assuming they are in the web directory, navigating to the file will only result in their output being displayed to the user so they will be safe without you needing to set special permissions. If the directory is accessible in another way (e.g. ftp) you may want to reconsider why you are allowing users to access the files in that directory.


Create a file /path/to/secret-stuff that only root can read (root, and not nobody or apache):

    SetEnv DB_USER "myuser"
    SetEnv DB_PASS "mypass"

Include this file in the configuration directory of Apache, or include it in httpd.conf with:

    Include "/path/to/secret-stuff"

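The PHP side of the approach above, as an added example that is not part of the original answer. Apache reads its configuration as root before dropping to its worker user, so a 0600 root-owned file pulled in with Include is never opened by the worker processes; the script below then reads the variables and fails closed if they are missing. The file path, variable names, DSN and the `$env` test hook are assumptions for the example. Two caveats that the answer does not mention: with mod_php the variables appear in getenv() and $_SERVER for every script this Apache instance runs, so phpinfo() or another vhost on the same server can read them (this keeps the secret out of the web tree, it does not isolate tenants), and with PHP-FPM the variables go in the pool configuration (env[DB_PASS] = ...) rather than in httpd.conf.

```php
<?php
// Added example (not from the original answer): consume credentials that
// Apache injected with SetEnv, and fail closed if they are absent.
//
// Apache side (hypothetical path):
//   # /etc/apache2/secret-stuff   (root:root, mode 0600)
//   SetEnv DB_USER "myuser"
//   SetEnv DB_PASS "mypass"
//
//   # in httpd.conf or the vhost
//   Include "/etc/apache2/secret-stuff"

declare(strict_types=1);

/**
 * Read one required variable. $env defaults to the real environment; it is
 * a parameter only so the function can be exercised without Apache.
 */
function requiredEnv(string $name, ?array $env = null): string
{
    $value = $env === null ? getenv($name) : ($env[$name] ?? false);
    if ($value === false || $value === '') {
        // Detail goes to the error log; the browser only sees a generic message.
        error_log("Missing required environment variable $name");
        throw new RuntimeException('Database configuration is incomplete');
    }
    return $value;
}

/** Return ['user' => ..., 'pass' => ...] or throw. */
function dbCredentials(?array $env = null): array
{
    return [
        'user' => requiredEnv('DB_USER', $env),
        'pass' => requiredEnv('DB_PASS', $env),
    ];
}

// Usage in a request: connect, then drop the copies PHP keeps in $_SERVER so
// a later var_dump($_SERVER) or verbose error page has less to leak. This is
// a partial measure only; getenv() still returns the values within this request.
$creds = dbCredentials();
$pdo = new PDO('mysql:host=localhost;dbname=app', $creds['user'], $creds['pass'], [
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
]);
unset($creds, $_SERVER['DB_USER'], $_SERVER['DB_PASS']);
```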

First recommendation is that the password should be encrypted. An attacker accessing the password file will not be able to use it without finding out your encryption method (i.e. analyzing your PHP source code).

But if you are having trouble storing the password in a secure location, another option is to configure the database server with maximum restriction and give up the password:
  • can login only from webserver
  • cannot alter schema
  • can only use 1 database
eventually:
  • cannot delete records
  • cannot update records
  • restrict only to necessary tables
  • limit number of requests per second

This is much safer than a login pass for a generic user that can take full control of any database on the server and connect from remote locations or other machines on the LAN.

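The restrictions listed above expressed as a MySQL account, as an added example that is not part of the original answer: the account is bound to the web server's address, receives only data-level privileges (SELECT, optionally INSERT/UPDATE; never DELETE, ALTER, DROP or CREATE) on named tables of a single database, and gets a query-rate cap. The script only builds the statements, so it can be reviewed before being run once as an administrative account; the database, user, host, password and table names are assumptions. One correction to the list above: MySQL's resource limits are per hour (MAX_QUERIES_PER_HOUR), there is no per-second limit in the server itself.

```php
<?php
// Added example (not from the original answer): generate the statements for
// a least-privilege MySQL account. All names below are hypothetical.

declare(strict_types=1);

/** Quote a MySQL identifier (database or table name) with backticks. */
function quoteIdent(string $ident): string
{
    if (!preg_match('/^[A-Za-z0-9_$]+$/', $ident)) {
        throw new InvalidArgumentException("Unsafe identifier: $ident");
    }
    return '`' . $ident . '`';
}

/** Quote a MySQL string literal for statements that cannot use placeholders. */
function quoteLiteral(string $value): string
{
    return "'" . strtr($value, ['\\' => '\\\\', "'" => "\\'"]) . "'";
}

/**
 * Build CREATE USER / GRANT / ALTER USER statements.
 *
 * @param array<string, string[]> $tablePrivs table => privileges, e.g.
 *        ['orders' => ['SELECT', 'INSERT'], 'products' => ['SELECT']].
 *        Anything outside the data-level list is refused, so the account can
 *        never change the schema or touch other databases.
 * @return string[] statements to run once as an administrative account
 */
function leastPrivilegeGrants(
    string $db,
    string $user,
    string $host,
    string $password,
    array $tablePrivs,
    int $maxQueriesPerHour = 0
): array {
    $allowed = ['SELECT', 'INSERT', 'UPDATE', 'DELETE', 'EXECUTE'];
    // 'user'@'host': the password is useless from a laptop or another LAN machine.
    $account = quoteLiteral($user) . '@' . quoteLiteral($host);
    $stmts = [sprintf('CREATE USER %s IDENTIFIED BY %s;', $account, quoteLiteral($password))];

    foreach ($tablePrivs as $table => $privs) {
        $privs = array_map('strtoupper', $privs);
        foreach ($privs as $p) {
            if (!in_array($p, $allowed, true)) {
                throw new InvalidArgumentException("Privilege $p is not a data-level privilege");
            }
        }
        $stmts[] = sprintf('GRANT %s ON %s.%s TO %s;',
            implode(', ', $privs), quoteIdent($db), quoteIdent($table), $account);
    }
    if ($maxQueriesPerHour > 0) {
        // MySQL 5.7+ syntax; older servers use GRANT USAGE ... WITH MAX_QUERIES_PER_HOUR.
        $stmts[] = sprintf('ALTER USER %s WITH MAX_QUERIES_PER_HOUR %d;', $account, $maxQueriesPerHour);
    }
    return $stmts;
}

// Usage: print for review, then feed to the mysql CLI as root.
// Note what the web application account is NOT given: DELETE on orders,
// any write on products, and anything on other databases.
foreach (leastPrivilegeGrants('shop', 'webapp', '10.0.0.5', 'change-me', [
    'products' => ['SELECT'],
    'orders'   => ['SELECT', 'INSERT'],
], 36000) as $sql) {
    echo $sql, PHP_EOL;
}
```

Even with this account in place the password still has to be stored somewhere; the point of the answer is that a leak of it then buys an attacker read access to two tables from one host, not the whole server.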