4

I would know if it is secure to centralize database information into one file like this :

db_infos.php:

$server = "localhost";
$user = "root";
$password = "1234";
$database = "foo";
$table = "bar";

And then, include this file when I need to:

include("db_infos.php');
mysql_connect($server, $user, $password);
...

Is there any way to get the database information, else is there other ways more secured or more relevant (both are accepted ;p )?

If it's not secure please tell me why, and how it will :)

hippietrail
  • 582
  • 3
  • 14
torr
  • 143
  • 7

3 Answers3

6

I'd say it is as secure as the directory it is placed it.

The ideal place to store the database connection file would be outside the web root. In this way, an attacker would not be able to gain access to the file using directory traversal attacks.

More information on directory traversal: http://en.wikipedia.org/wiki/Directory_traversal_attack

This page also has more information on the subject: https://stackoverflow.com/questions/6322766/php-basics-where-to-store-mysql-password-used-by-php

Community
  • 1
2

Firstly, live by the least privilege rule. Unless you explicitly need to write to the database on a given page, use a read only user.

I generally try not to ever hardcode the credentials into the source code. It always just seemed wrong (even on a server side language). Rather, I put them into a restricted read-only configuration file that's outside of the root directory. I believe you can store the connection details inside your httpd.conf or virtual hosts file (if your host grants you access to it), this way you can call mysql_connect without any parameters, which will default to reading from the configuration.

Lastly, configure your server to only accept connections from the server and local user itself and block everything else. Do not display the credentials on error outputs. Better yet, disable errors all together and test changes locally before up you make them live. MySQL has a tendency to spit out valuable information

Fairlight
  • 705
  • 3
  • 5
  • It is usually a good idea to disallow TCP connections altogether and use Unix sockets, which require the web server to have filesystem access to the socket (i.e. the database server places a socket in the web server's chroot) and allow for authentication without a password (the database server can query which user and process is connecting). – Simon Richter Jun 05 '12 at 10:43
1

Yes, it is OK to centralize the connection information and credentials for the database into a single configuration file.

However, do not store that file under your web root. Make sure you store it elsewhere outside the web root. There are two reasons for this. First, if you're not careful, someone might be able to access that file through their browser, and then they learn everything needed to connect to your database. Second, if you're not careful, your editor might save backup copies of the file, again causing it to be exposed to the world (see here for more detail).

Also, do not check this file into the source code version control system. You don't want your passwords and crypto keys exposed in that version control system, with copies kept forever and backed up persistently.

For more information, see the following questions on this site: Is it a secure way to declare DB parameters in htaccess rather than in a PHP file?, where to store a key for encryption, Should a closed source website keep a secret key in its source?, and How do open source projects handle secure artifacts?.

Community
  • 1
D.W.
  • 98,420
  • 30
  • 267
  • 572