
Database password security

Why is it advisable to place scripts which contain details of your
login and password outside of the publicly accessible web area on your
server?
Surely if the files that contain the details are given a php extension
then no-one can get at the information contained by these files even
if they point their browsers directly at the correctly named file,
because Apache will parse the php file before it is sent.

i.e.

if the file is called options.php and it resides in the web root
directory and contains the following:

<?php

define('DBUSER' , 'Username') ;
define('DBPASS' , 'Password123') ;

?>

If a web user points their browser directly at this page they will
just get a blank page - is there another way of gaining access to the
contents of this file that I am overlooking ?

tia
smartbloke
Jul 17 '05 #1
SmartBloke wrote:
Surely if the files that contain the details are given a php extension
then no-one can get at the information contained by these files even
if they point their browsers directly at the correct named file,
because apache will parse the php file before it is sent.


During an upgrade a sysadmin, or you, on your server accidentally
forgets to put the LoadModule directive in apache.conf, say for an hour
or so.

During that hour any visitors to your website are treated to the
source code to your page, including all database schema information,
passwords, etc.

Even if it's only 5 minutes, at least one person is bound to see the
sensitive information. It's just safer to keep it out of the publicly
accessible directories.

--
Jasper Bryant-Greene
Cabbage Promotions
Jul 17 '05 #2
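The failure Jasper describes (the PHP handler disappears, Apache serves .php files as plain text) is easy to watch for. Below is an added example, not code from the thread: a CLI monitor that fetches a harmless canary page and reports whether it came back parsed; the host in CANARY_URL and the canary file are assumptions.

```php
<?php
// Added example, not code from the thread: a small CLI monitor for the
// failure Jasper describes, Apache handing out .php files as plain text
// because the PHP handler is no longer loaded. It fetches a canary page
// that contains nothing sensitive and reports whether it came back parsed.
//
// Assumptions (hypothetical): canary.php is deployed in the document root
// at CANARY_URL and contains exactly:  <?php echo 'CANARY-OK';
// (no closing tag). Leaking that file is harmless; only its state matters.

declare(strict_types=1);

const CANARY_URL    = 'https://www.example.com/canary.php'; // placeholder host
const EXPECTED_BODY = 'CANARY-OK';

/**
 * Classify a response body:
 *   'ok'         the interpreter ran and produced the expected text
 *   'unparsed'   raw PHP tags came back, i.e. source is being served
 *   'unexpected' something else (error page, redirect, outage)
 */
function classifyCanary(string $body): string
{
    if (trim($body) === EXPECTED_BODY) {
        return 'ok';
    }
    // An open tag in what the client receives means source disclosure; in
    // that state a credentials file in the web root is readable the same way.
    if (str_contains($body, '<?php') || str_contains($body, '<?=')) {
        return 'unparsed';
    }
    return 'unexpected';
}

function fetchBody(string $url): ?string
{
    $ctx  = stream_context_create(['http' => ['timeout' => 5, 'ignore_errors' => true]]);
    $body = @file_get_contents($url, false, $ctx);
    return $body === false ? null : $body;
}

$body  = fetchBody(CANARY_URL);
$state = $body === null ? 'unexpected' : classifyCanary($body);

switch ($state) {
    case 'ok':
        echo "canary: ok\n";
        exit(0);
    case 'unparsed':
        fwrite(STDERR, "canary: PHP source is being served unparsed, check the handler config\n");
        exit(1);
    default:
        fwrite(STDERR, "canary: unexpected response\n");
        exit(2);
}
```

Run it from cron and alert on a non-zero exit; the 'unparsed' state is exactly the window in which a credentials file inside the document root would be exposed.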
.oO(SmartBloke)
Why is it advisable to place scripts which contain details of your
login and password outside of the publicly accessible web area on your
server.
It's advisable to put _all_ scripts outside the document root:

* No one is able to call them from the outside.
* No one is able to call scripts out of context, which may lead to
strange results and error messages.
* You don't have to worry about filename extensions, don't have to use
.php all the time.
Surely if the files that contain the details are given a php extension
then no-one can get at the information contained by these files even
if they point their browsers directly at the correct named file,
because apache will parse the php file before it is sent.


I wouldn't be too sure about that. It's always possible that the server
"forgets" to parse a file (configuration error, maintenance, ...).

Micha
Jul 17 '05 #3
In article <e6*****************************@4ax.com>, Michael Fesser wrote:
.oO(SmartBloke)
Why is it advisable to place scripts which contain details of your
login and password outside of the publicly accessible web area on your
server.
It's advisable to put _all_ scripts outside the document root:
No it's not. Although I see reasons not to put files containing
credentials in a public area.

* No one is able to call them from the outside.
If it was impossible or unwanted to call scripts from the outside, why
would there be scripts in the first place? Because we want people to
call some scripts. (And those we don't want them to call, we should not
make public)

* No one is able to call scripts out of context, which may lead to
strange results and error messages.
Actually, this depends totally on how the scripts are designed. If they
are well-designed, they will know when they are expected to be executed
(and when they should dispatch control to another script).

But there is no relationship between knowledge about their context, and
the place where they are (public vs non-public area)

* You don't have to worry about filename extensions, don't have to use
.php all the time.


Again, this is true for both public and non-public areas. And thus not a
good reason to put them outside the public area.

--
Tim Van Wassenhove <http://home.mysth.be/~timvw>
Jul 17 '05 #4
.oO(Tim Van Wassenhove)
* No one is able to call them from the outside.


If it was impossible or unwanted to call scripts from the outside, why
would there be scripts in the first place?


I was referring to scripts performing backend tasks, initialization,
database queries, form processing, calculations etc., in other words all
the "application logic" or whatever you like to call it. Of course the
scripts representing webpages have to be accessible.
* No one is able to call scripts out of context, which may lead to
strange results and error messages.


Actually, this depends totally on how the scripts are designed. If they
are well-designed, they will know when they are expected to be executed
(and when they should dispatch control to another script).


Do you know for all of your scripts how they will react if they are
called directly? Even if you put everything in classes and functions,
there may still be unresolved dependencies because the script was not
called from within another it depends upon. I have many scripts that
call methods of a global application object. If this object is not
available it'll rain error messages. I avoid such trouble with simply
making them not available to the public. All application and library
stuff is outside the document root.
* You don't have to worry about filename extensions, don't have to use
.php all the time.


Again, this is true for both public and non-public areas. And thus not a
good reason to put them outside the public area.


An often heard "security" argument is to give scripts the extension .php
so the server would always parse them (.inc files would be delivered as
plain text for example in most cases). Outside the document root the
filename simply doesn't matter, because it's out of reach of the
webserver and the PHP interpreter doesn't care about filenames.

Micha
Jul 17 '05 #5
In article <4p*****************************@4ax.com>, Michael Fesser wrote:
.oO(Tim Van Wassenhove)
* No one is able to call them from the outside.
If it was impossible or unwanted to call scripts from the outside, why
would there be scripts in the first place?


I was referring to scripts performing backend tasks, initialization,
database queries, form processing, calculations etc., in other words all
the "application logic" or whatever you like to call it. Of course the
scripts representing webpages have to be accessible.


Although you cut it away, you said, and I quote:
It's advisable to put _all_ scripts outside the document root:

That made me think you were not only referring to scripts performing backend
tasks...
* No one is able to call scripts out of context, which may lead to
strange results and error messages.


Actually, this depends totally on how the scripts are designed. If they
are well-designed, they will know when they are expected to be executed
(and when they should dispatch control to another script).


Do you know for all of your scripts how they will react if they are
called directly? Even if you put everything in classes and functions,
there may still be unresolved dependencies because the script was not
called from within another it depends upon. I have many scripts that
call methods of a global application object. If this object is not
available it'll rain error messages. I avoid such trouble with simply
making them not available to the public.


Here I think you're just handling the unwanted results and not the causes.

If the script is designed well, it can detect if it's expected to run.
And it can perform data validation. And it can redirect the user to the
right script (Or at least die and log the error) instead of thrashing the database.

All application and library
stuff is outside the document root.


I agree :)
* You don't have to worry about filename extensions, don't have to use
.php all the time.


Again, this is true for both public and non-public areas. And thus not a
good reason to put them outside the public area.


An often heard "security" argument is to give scripts the extension .php
so the server would always parse them
(.inc files would be delivered as
plain text for example in most cases).


There are more things that I hear often, although I do not agree with them.

Imho a file that contains credentials should not be in a public place.
It doesn't even matter if its name ends with .php and is likely to be
interpreted by PHP before being shown. Blame it on Murphy :)

--
Tim Van Wassenhove <http://home.mysth.be/~timvw>
Jul 17 '05 #6
.oO(Tim Van Wassenhove)
Although you cut it away, you said, and I quote:
It's advisable to put _all_ scripts outside the document root:

That made me think you were not only referring to scripts performing backend
tasks...
Yep, my fault, was misleading. Sorry.
Here i think you're just handling the unwanted results and not the causes.

If the script is designed well, it can detect if it's expected to run.
And it can perform data validation. And it can redirect the user to the
right script (Or at least die and log the error) instead of thrashing the database.
I'm talking about the backend. ;)

The scripts (class definitions for example) don't know anything about
webpages, users or whatever. They are just used and instantiated from
within other scripts, but they have to be sure that some other scripts
or objects they rely on are already loaded or instantiated. It wouldn't
make sense to implement some detection mechanism to avoid direct calls
in this case, the overhead and performance hit would be too heavy I
think (and I can't think of an easy way to do it at the moment).
Imho a file that contains credentials should not be in a public place.
It doesn't even matter if its name ends with .php and is likely to be
interpreted by PHP before being shown. Blame it on Murphy :)


ACK

The more important the file content is, the more likely the server will
fail and not only show the file in plain text to all visitors, but also
replace all pages on that site with the confidential file to reach the
maximum audience and mail it to AOL ... SCNR

Micha
Jul 17 '05 #7
JV
Please forgive me for sounding like a noob about this, but I kinda am new to
apache w/ php mod.
"Michael Fesser" <ne*****@gmx.net> wrote in message
news:e6***********************************@4ax.com...
<snip>
It's advisable to put _all_ scripts outside the document root:

<snip>

where is a safe place to put such script files that the apache server is
still capable of accessing them?

and how do you include the files if they are outside the document root scope?

JV
Jul 17 '05 #8
"SmartBloke" <sm********@mail.com> wrote in message
news:e9*************************@posting.google.com...
Why is it advisable to place scripts which contain details of your
login and password outside of the publicly accessible web area on your
server.


It's largely pointless from a practical point of view. The database
login/password doesn't buy you much, since databases are rarely set up to
accept connections from anywhere.

It's the kind of things that people who think they know security (but really
do not) do.
Jul 17 '05 #9

"JV" <jveil.hotpop@com> wrote in message
news:spt%c.144814$Fg5.63485@attbi_s53...
Please forgive me for sounding like a noob about this, but I kinda am new to
apache w/ php mod.
"Michael Fesser" <ne*****@gmx.net> wrote in message
news:e6***********************************@4ax.com...
<snip>
It's advisable to put _all_ scripts outside the document root:

<snip>

where is a safe place to put such script files that the apache server is
still capable of accessing them?

and how do you include the files if they are outside the document root scope?

JV


Via the include_path directive in the php.ini file. In my case I have a
directory called "includes" which is outside the document root, therefore
inaccessible from any URL. When a script contains include('filename.inc')
PHP will first look in the current working directory. If the file exists
there it will be used from there. If it does not exist there then PHP will
look in each of the directories specified on the include_path directive
until it gets a hit. Simple, isn't it?

If you do not have access to the php.ini file then you can modify the
include_path directive in any of the following ways:

(a) If your web server is Apache you can create a .htaccess file containing
the following:

php_value include_path "...."

Note that the format of the string varies between Windows and Unix.

(b) Within a PHP script you can use the ini_set() function to supply a new
value for include_path.

Hope this helps.

--
Tony Marston

http://www.tonymarston.net

Jul 17 '05 #10
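A front-controller bootstrap that applies the include_path approach Tony describes, and answers JV's question about where the file lives and how it gets included. This is an added example, not code from the thread; the /var/www/example layout, the file name db-config.php and the DSN are assumptions.

```php
<?php
// Added example, not code from the thread: loading a credentials file that
// lives outside the document root, using the include_path mechanism Tony
// describes. Even if the handler failure from earlier in the thread occurs,
// Apache cannot serve this file, because no URL maps to it.
//
// Assumed layout (hypothetical paths):
//   /var/www/example/includes/db-config.php   credentials, NOT web-reachable
//   /var/www/example/public/                  Apache DocumentRoot
//   /var/www/example/public/index.php         this script
//
// db-config.php contains something like (placeholder values):
//   <?php
//   define('DBUSER', 'Username');
//   define('DBPASS', 'placeholder-password');

declare(strict_types=1);

// Option (b) from the post: set include_path at runtime. Deriving the path
// from this file's location keeps it correct when the site is moved.
$includeDir = dirname(__DIR__) . DIRECTORY_SEPARATOR . 'includes';
set_include_path($includeDir . PATH_SEPARATOR . get_include_path());

// Option (a) would be a .htaccess file in the document root instead
// (Unix separator ':' ; Windows uses ';'):
//   php_value include_path "/var/www/example/includes:."

// Fail closed: stop if the file cannot be resolved on the include path,
// rather than continuing with undefined constants.
if (stream_resolve_include_path('db-config.php') === false) {
    http_response_code(500);
    exit('configuration missing');
}
require 'db-config.php';   // require, not include: a missing file is fatal

// Sanity check that the file actually defined what we rely on.
foreach (['DBUSER', 'DBPASS'] as $name) {
    if (!defined($name)) {
        http_response_code(500);
        exit('configuration incomplete');
    }
}

// Assumed DSN; credentials never appear in this web-reachable file.
$dsn = 'mysql:host=localhost;dbname=app;charset=utf8mb4';
$pdo = new PDO($dsn, DBUSER, DBPASS, [
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
]);
echo 'connected';
```

Keeping the `includes` directory readable only by the web server's user (not world-readable) closes the remaining local exposure that include_path does nothing about.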
