Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 7 of 7
  1. #1
    Regular Coder student's Avatar
    Join Date
    Jan 2007
    Posts
    129
    Thanks
    13
    Thanked 0 Times in 0 Posts

    how to secure my mysql database from others?

    Hello,
    I have some doubts.

    1) if somebody else knows my mysql database username and password ( username with all permissions ) can they copy my database even if they do not know my control panel password?

    2) Suppose I have placed my database username and password in a .php file in my file manager not in the admin folder, is there any possibility for others to steal my username and password?

    3) what steps should I take to secure my mysql database from hacking and all such unwanted dangers.

    Thank you.

  • #2
    Supreme Master coder! _Aerospace_Eng_'s Avatar
    Join Date
    Dec 2004
    Location
    In a place far, far away...
    Posts
    19,291
    Thanks
    2
    Thanked 1,043 Times in 1,019 Posts
    Well if they know your username and password then they can get control yes. Your databases aren't really stored in your control panel like you think they are. They are in a different place on your server. Where I have no idea. As far as the db connection info being in a php file. If you can move the php file to a directory above your public_html directory then that would make it harder for people to view it.
    ||||If you are getting paid to do a job, don't ask for help on it!||||

  • #3
    Regular Coder student's Avatar
    Join Date
    Jan 2007
    Posts
    129
    Thanks
    13
    Thanked 0 Times in 0 Posts
    Hello,
    Can you please inform me how to store the username and password in a file above public_html
    and how to access that from my files.
    please give some example

    otherwise, if I password protect a directory and keep that file there, will this be safe?
    thank you.

  • #4
    Supreme Master coder! _Aerospace_Eng_'s Avatar
    Join Date
    Dec 2004
    Location
    In a place far, far away...
    Posts
    19,291
    Thanks
    2
    Thanked 1,043 Times in 1,019 Posts
    Quote Originally Posted by student View Post
    Hello,
    Can you please inform me how to store the username and password in a file above public_html
    and how to access that from my files.
    please give some example

    otherwise, if I password protect a directory and keep that file there, will this be safe?
    thank you.
    It could be safe but its just better to put it in a folder above your public_html folder. Umm as far as an example there isn't much to explain, its pretty simple.

    Lets say when you login to your server through ftp you see a lot of folders along side your public_html folder. This is where you would put your db connection file.

    To access from php you need to use the absolute path. Usually its something like
    PHP Code:
    <?php include('/home/username/dbconnect.php'); ?>
    To find out what your root path is, make a php file and put this in it
    PHP Code:
    <?php echo $_SERVER['DOCUMENT_ROOT']; ?>
    Upload it to your public_html directory. If you are unable to access the folders above your public_html folder then you might be out of luck and using an htaccess password might work but I'm not sure how well the script will be able to handle the file if its in a password protected directory.
    ||||If you are getting paid to do a job, don't ask for help on it!||||

  • #5
    Regular Coder student's Avatar
    Join Date
    Jan 2007
    Posts
    129
    Thanks
    13
    Thanked 0 Times in 0 Posts
    Hello,
    It worked.
    I placed a file in the public_html
    and accessing it from my php files.
    hope it will be secure.
    thanks.

  • #6
    Supreme Master coder! _Aerospace_Eng_'s Avatar
    Join Date
    Dec 2004
    Location
    In a place far, far away...
    Posts
    19,291
    Thanks
    2
    Thanked 1,043 Times in 1,019 Posts
    No you don't want the file in the public_html folder. I was just telling what to do to get your document root. It will be something like home/username/
    ||||If you are getting paid to do a job, don't ask for help on it!||||

  • #7
    New Coder
    Join Date
    Apr 2007
    Posts
    10
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I have the same concern. If I have put my config file in above my public_html folder is there any other precautions I can take to make sure my database is secure? This is a big concern for my project.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •