• Registered: 2004-09-25
  • Posts: 8

Topic: Possible to encrypt MySQL password in config.php

Is it possible to encrypr the MySQL password in config.php ?

Btw great forum!

  • From: 127.0.0.1
  • Registered: 2001-11-02
  • Posts: 9,167

Re: Possible to encrypt MySQL password in config.php

No. The only thing that comes to mind is code obsfucation. There are a few PHP code obsfucation tools. Here's one:

http://www.ioncube.com/

"Programming is like sex: one mistake and you have to support it for the rest of your life."

Rickard's Website

  • Connorhd
  • Connorhd
  • Former PunBB Developer
  • Offline
  • From: Leeds, UK
  • Registered: 2004-06-13
  • Posts: 4,195

Re: Possible to encrypt MySQL password in config.php

well if you encrypt the password then it can't be used to access the database can it?

FluxBB.
Connorhd.co.uk.

Connorhd's Website

  • Registered: 2004-09-25
  • Posts: 8

Re: Possible to encrypt MySQL password in config.php

Well maybe it is an option for one of the next releases. Because everyone can see my password now if they download the config.php file. And if they know my password, the can log in to the database....:'(.

  • From: 127.0.0.1
  • Registered: 2001-11-02
  • Posts: 9,167

Re: Possible to encrypt MySQL password in config.php

But config.php can't just be downloaded. You would need FTP access for that.

"Programming is like sex: one mistake and you have to support it for the rest of your life."

Rickard's Website

6 Reply by zaher

  • zaher
  • Senior Member
  • Offline
  • From: Syria, Damascus
  • Registered: 2004-02-16
  • Posts: 773

Re: Possible to encrypt MySQL password in config.php

Maybe he share his site with a friends smile.

If your people come crazy, you will not need to your mind any more.
  • Connorhd
  • Connorhd
  • Former PunBB Developer
  • Offline
  • From: Leeds, UK
  • Registered: 2004-06-13
  • Posts: 4,195

Re: Possible to encrypt MySQL password in config.php

how could it be encrypted and still used? and if it is encoded anyone who knew where to get it could know how to decode it :S

FluxBB.
Connorhd.co.uk.

Connorhd's Website

8 Reply by JohnS

  • JohnS
  • Senior Member
  • Offline
  • From: Warrington, UK
  • Registered: 2003-10-12
  • Posts: 131

Re: Possible to encrypt MySQL password in config.php

The way I got round things was to rename my config.php as forum_config.php and stick it in my cgi-bin.
Then I just modified config.php in my forum root directory to include this file.
I've done this with all my config files for different apps and it keeps passwords, etc. away from prying eyes.

I've been down so long it's beginning to look like up..

JohnS's Website

  • Connorhd
  • Connorhd
  • Former PunBB Developer
  • Offline
  • From: Leeds, UK
  • Registered: 2004-06-13
  • Posts: 4,195

Re: Possible to encrypt MySQL password in config.php

which prying eyes?

FluxBB.
Connorhd.co.uk.

Connorhd's Website

10 Reply by JohnS

  • JohnS
  • Senior Member
  • Offline
  • From: Warrington, UK
  • Registered: 2003-10-12
  • Posts: 131

Re: Possible to encrypt MySQL password in config.php

Anyone who was determined.
I would consider any file below htdocs to be accessible to someone who was intent on getting info.

I've been down so long it's beginning to look like up..

JohnS's Website

  • Connorhd
  • Connorhd
  • Former PunBB Developer
  • Offline
  • From: Leeds, UK
  • Registered: 2004-06-13
  • Posts: 4,195

Re: Possible to encrypt MySQL password in config.php

hmmm i seriously doubt it.. otherwise all the php sites on the net would constantly be being broken into

so why would moving it into cgi-bin help?

FluxBB.
Connorhd.co.uk.

Connorhd's Website