running admin programs on production server

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

mottwsc
Forum Commoner
Posts: 55
Joined: Sun Dec 23, 2007 8:01 pm

running admin programs on production server

Post by mottwsc »

I'm planning out how I can run PHP administrative programs (that update data in the database) on a production server that runs PHP and MySQL. I'm looking for help from folks who have experience with production servers.

The general idea is to put these PHP programs in another directory that couldn't be accessed with a browser. There, they could be run by me from the command line. One of these programs would be much more helpful if it could be run in a browser because of what it does.

Is there a way to do this safely - namely, run it using a browser but not allow anyone else to run it?

Also, is it safe for me to use MySQL Query Browser on the production machine in order to periodically run queries or make updates to the data in the database?

Thanks!
Ambush Commander
DevNet Master
Posts: 3698
Joined: Mon Oct 25, 2004 9:29 pm
Location: New Jersey, US

Re: running admin programs on production server

Post by Ambush Commander »

It is generally a lot safer to keep the admin programs as command line utilities that can only be run by an SSH'ed-in user. They should also be kept outside of the document root.

If you need an HTML admin page, standard precautions for securing it against attackers apply: make sure you have some sort of authentication that works (Apache's HTTP auth is a pretty low tech solution that works nicely), strong passwords, CSRF protection, and, if possible, SSL.

As for MySQL Query Browser, if you are running it on your local machine and connecting to the production server, this means that your database accepts connections from remote hosts, which greatly increases your attack surface. I'd recommend tunneling your MySQL connection over SSH to the server.
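As an added illustration of the precautions listed in this reply (not code from the original thread), here is a browser-run PHP admin page that refuses cleartext HTTP, trusts only the user Apache's HTTP auth already verified, and requires a per-session CSRF token before doing anything. Assumptions: PHP 7 or later, an Apache directory config with `AuthUserFile` and `Require valid-user`, the admin user name `mottwsc`, and `run_admin_update()` standing in for whatever the real script updates.

```php
<?php
// Added example, not from the original post: guards for a browser-run admin script.
declare(strict_types=1);

// Assumption: the HTTP-auth user names allowed to run this page.
const ALLOWED_ADMINS = ['mottwsc'];

// Placeholder for the real administrative update (assumption: its body is yours).
function run_admin_update(): string
{
    return 'Update done.';
}

// 1. SSL only: refuse to run on a cleartext connection so credentials and
//    the CSRF token never travel unencrypted.
if (empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] === 'off') {
    http_response_code(403);
    exit('This page is only available over HTTPS.');
}

// 2. Authentication is done by Apache (AuthUserFile + Require valid-user in the
//    directory config); the script only trusts the REMOTE_USER that Apache set
//    and additionally restricts it to an explicit allow-list.
$user = $_SERVER['REMOTE_USER'] ?? '';
if (!in_array($user, ALLOWED_ADMINS, true)) {
    http_response_code(403);
    exit('Not authorised.');
}

// 3. CSRF protection: a random token kept in the session and echoed back in
//    the form; the comparison is constant-time.
session_start();
if (empty($_SESSION['csrf'])) {
    $_SESSION['csrf'] = bin2hex(random_bytes(32));
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $sent = $_POST['csrf'] ?? '';
    if (!is_string($sent) || !hash_equals($_SESSION['csrf'], $sent)) {
        http_response_code(403);
        exit('Invalid CSRF token.');
    }
    echo '<p>' . htmlspecialchars(run_admin_update(), ENT_QUOTES, 'UTF-8') . '</p>';
}
?>
<form method="post">
  <input type="hidden" name="csrf"
         value="<?= htmlspecialchars($_SESSION['csrf'], ENT_QUOTES, 'UTF-8') ?>">
  <button type="submit">Run update</button>
</form>
```

A GET request only renders the form; the database-changing work runs solely on a POST that carries the session's token, so a link or image tag on another site cannot trigger it.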