FEELING VERY EXPOSED

Anon

Hello,
Im new to PHP.
My Db is up and running though I feel very exposed and think my data is not very secure - why?

because
a) I can only access the db using a password and usernam which I have to hardcode into the php script? - is this right, surely someone could look at the php files on the site and read the code?.

b) My php access username and pwd are the same as to the admin for my entire site. It doesnt seem right. I didnt create the username/pwd the database did in its auto creation.

c) All the .PHP / HTML files are open for access - surely someone could copy them and see the pwd and code?

Am I missing something here?
thanks

Anon

well the information yuo gave is not very exhaustive, but to answer your questions:

yes you have to save the user/password somewhere in the scripts because otherwise how would you connect to the db ?

normally noone from outside (the internet) can read you php files if they are always named php, because all they will get is the stuff you generate in the script, not the script itself, that is interpreted by apache.

on the other hand, if you are on a multi-user server and the local file system rights are bad then someone else with an account on the server can just use telnet or ftp to download your files.

and last but not least, if you have your own mysql db you can create new users with less rights and different password to connect to the db. look at the mysql_setpermission script if you are using mysql, or at whatever came with your db. if you are in a shared environment then you're probably out of luck, talk to the tech support team.

mats
have more fun!

parena

In addition, you could create a file called connect.php or something, where the connection to the database is made and put it outside your webdir. Let's say you have "thisfileneedstoconnect.php", in your webroot, it would contain a line like this:

require("../connect.php");

[deleted]

a) You don't have to hardcode it into PHP, only have to have a way of getting it into PHP. A common way is to put the username and password in a script outside the documentroot. That means that the webserver cannot serve that script as a page, so nobody can get at the data in it.

There are more advanced (read: more secure) methods, but this is a good start.

b) It is never a good idea to use the same username and password for more than one thing. Change this immediately.

c) This is only a problem in a multi-user environment. This can be prevented by creating several webservers that run under different userids. Then all the sourcecode can be owned by different users, and therefore be set to read-only by those users.