Following on from my previous post
Originally Posted by rnd me
so once a hacker dumps and drops your mysql tables
vis a vis creating a website account specification:
This could be an ongoing process, adding features that would be provided in the plugin package.
However, the underlying principal would be to present a package that is as secure as possible.
OR if high security involves more cost
A layered approach, whereby a site containing no additional user information, could be setup for basic security, AND, where data should be securely stored - that should be catered for.
Really, the whole point of this project is to establish 'what is the current best practice for creating a mysql dbase browser session'.
Your statement above says it all, and begs the question:
Is it possible to setup a dbase that is not accessible to any two bit hacker?
What's the current status on dbase security on typical hosted site solutions?
I'm using the global service GoDaddy, primarily cos it was cheap, and the domain name acquisition was all linked in.
I chose the linux offering, and I believe they run all the latest software versions, and do offer TLS/SSL at additional cost.
Was this one of those 'cheap' servers that you had in mind?
The point is that millions of developers use services of this nature, therefore we really need to understand what the security implications are, and whether or not it is even possible to create a secure website account.