Storing plain text sensitive details
Posted: Wed Jan 30, 2008 2:20 pm
How do you deal with the situations where you need to store sensitive details in text files and plain text...
I have details such as SMTP, FTP and MySQL credentials stored in some ini files.
As a first line of defence, I stored these files outside of the docroot so they are inaccessible from the outside. It's a dedicated server with no other "known" users. However I still worry that someone may still gain access to the system and possibly exploit a daemon to read plain text files and possibly obtain credentials.
I thought of maybe converting the INI files into an encrypted PHP script with one of those encrypters... the problem with that approach is that now my users will not be able to update their INI settings if they ever change their SMTP or MySQL database, etc...
Storing these details in a database is not an option, they must remain as INI files.
Cheers