Does anyone know resources from MySQL database security resources.
Jaxn
Printable View
Does anyone know resources from MySQL database security resources.
Jaxn
There isn't too much on the net as far as securing MySQL. Probably because most of it is common computer security procedures. As long as you understand the privilege tables (read up on MySQL's own site), have good passwords, and don't give the password out in your database interface you should be alright.
Is there anything specific that you are interested in?
When you say "don't give the password out in your database interface", what exactly do you mean. When interfacing MySQL through php you must have the username and password written in plain sight in your php code. I don't know of a way to get the source to php files from a web server, but I am worried that it is possible.
That is only the first concern that is running around my head right now. I was mainly wondering if there was a place to get some tips about securing MySQL (or SQL in general), and keeping php secure.
Thanks.
Jaxn
There shouldn't be a way to see the php source. One problem if you host with a company that has many sites on the same computer is that if you telnet in, you can see the files in other sites. So...anyone with a site could possibly get your password if you have it hardcoded in a php document. This can be a really big problem because most of the time the password for the MySQL database is the same as the account password.