Phil,
Although I see many answers to your questions there is another VERY
important issue that has not been addressed. When you move your website
to a host will it be dedicated or shared?
* If it is dedicated then keeping your user/pass outside the webroot
directory will secure the file from being displayed over the internet
in the event apache breaks or a configuration has been mistakenly
changed.
* If it will be on a shared server then you must make sure you host has
configured the server correctly for security. Being on a shared host
means that there will be other accounts that will be able to login to
the server. If PHP is installed as a cgi and apache is using suexec
then all your PHP files will execute are your user name. PHP files can
have permissions that only your user can read them. This means your
files are secure.
* If PHP is installed as an apache module (most hosts do) then your php
files, including the file where your user/pass is in, must be readable
by apache. So they must be world readable. Without getting to indepth
and confusing you, the following must be observered.
1) All users accounts on the shared server must be jailed. This means
that a user is trapped inside their home directory when logged in (ssh,
telnet, ftp) which restricts them from reading files outside their
directory.
2) PHP's safe_mode must be on. This restricts a users scripts (which
are executing as apache) from reading files that it has permission to
if they are not readable by that user account.
I am a consulted and have worked on more then one project where it was
possible to retrieve other user/pass crediantials on a shared server.
Make sure your server is secure.
Phil Coen wrote:
I have been learning PHP on my own time and have an Apache server on my
network at home. Obviously security is not a problem on this setup.
But as I begin to think about actually using code on a publicly addressably
server someday, the examples in my books seem to be wide open to the world.
Most use an HTML form that calls a separate php program. Most of the
passwords are either hard coded in that php module or are in a file
accessable by that module.
Heck, anybody can download the php script and look at the passwords. Or,
use it to see what file it is pointing to.
Am I missing something here?
Where should the logon security for the web site actually be?
Thanks anybody
Phil