storing mysql access credentials as env variable?

pyro13

hi guys.

what is best practice method of storing mysql access credentials... my current method is through including them as environmental variables through apache config although cannot be the most secure method im sure you are aware.

any advice would be appreciated

justsomeone

I like to put them into an include file and encrypt that file using something like PHP accelerator or Zend Accelerator.

There's no absolutely foolproof answer.

As well as being protective of the connection details, which you obviously are - it's also important from the database server to lock down the mysql account to the minimum possible permissions. Only allow access to that user to the appropriate tables with the correct read/write level, and only from expected servers.

pyro13

thanks justsomeone,

zend is a touch expensive for me, I think I am safe as it is using environmental variables for the time being. as you say there is no foolproof method, although i will look into encrypting them

justsomeone

PHP Accelerator is free 🙂