I often write programs that use web services like UPS/authorize.net/paypal/etc where each one has username, password, api key, whatever key.
I like to store those values in a config file (a php file) in some misc directory
I've also seen it done by storing the stuff in the mysql database.
Which do you think is safer, in a file or in the database? where one can get stolen in a FTP/command prompt hack, and the other could get stolen with a database hack
Well, it depends. Do you have the passwords / usernames encoded, and are they encoded more than once? I would go with MySQL, it's a bit less hackable.
I wouldn't store plain text passwords/keys/etc either in database or text files. It is always better to ask user for sensitive information everytime. If not possible, use some encryption algorithm which allows private/public key pair. You can store public key and encrypted sensitive data in either db or file (even if it is hacked, it will not make sense unless you have private key). Ask for private key to be passed by user (may be once per session or so). Then use the info to decrypt the sensitive data.
|kv wrote: |
|I wouldn't store plain text passwords/keys/etc either in database or text files. It is always better to ask user for sensitive information everytime. If not possible, use some encryption algorithm which allows private/public key pair. You can store public key and encrypted sensitive data in either db or file (even if it is hacked, it will not make sense unless you have private key). Ask for private key to be passed by user (may be once per session or so). Then use the info to decrypt the sensitive data. |
The password/keys/etc is for the client's company paypal/authorize.net account so the program can bill a credit card, UPS so it can calculate shipping charges, etc so it use a site's geocoding, all stuff done in the background, sometimes in a cron job
I guess the question also applies to the database's username/password used for connection, but obviously that can't be stored in the database it connects to.
My logic for doing it in files is.
. A SQL injection attack could be used
. If the site files are hacked so the php files are stolen/read/edited, the database can also be at risk
. . They can get the database username/password
. . They can get the encryption key that decrypts their customer's credit cards in the database
. . They could write a backdoor program into the database
If my config file looks like
How should I go about encrypting it so it's safer?
In this case, I guess encryption is not a solution, since you will have to decrypt it before using. And if you are using a weak encryption which does not require password to decrypt and is based on some algo, it is as good as no encryption.
If you are using a *nix box and apache, having data in php file and the file having permissions only for the user running apache should make it secure enough.
for some reason I like using htacces combined with htpasswd to make the directories protected...
that wouldn't really change anything here.
Don't know how anyone would read from a php file anyway, besides access to the server, but wouldn't he be able to make a new php file and execute that with apache? or a serious exploit in your code, but in that case he could read the file just like apache could.
Have a look on how other CMS or Forum board does this and learn from them.
If somebody has access to your files then you lost there.
Your php application should reach the database so you need to store the username, password somewhere to that too.
Protect your directories and always give minimum permissions everywhere.
Try use some uniqunes on that how you encrypt your passwords, for example more then once encryption, salt using and where you put the salt.
Always make sure to check the validy of the information which comes to your application.
On this vulnerability search for "SQL Injection", "XSS Attack" or "XSS Hack" and "CSRF" and "XSRF" attacks and that how can you protect yourself from these. These are the most common attacks on the "frontline".
first of all , use a perfect password so that no one can guess it then try using crypt() function in php since it doesnt have a decrypt function , no one will ever be able to see you password even if they have access to your file http://www.php.net/manual/en/function.crypt.php , since there is no decryption, it has a one-way algorithm