Posted by Gordon Burditt on 10/23/05 18:36
>I have taken over the website duties at work. I am still learning PHP
>and MySQL. I want to have a form where the user enters some financial
>info and it is stored in a database. It, obviously, needs to be
>secure. I know how to make the input form secure. But what about
>retrieving the data? I was thinking I would use a password-protected
>secure form for that. Is that enough? What if I happen to view the
You need to worry about two different connections, independently:
- The web-server-to-browser connection. https and good authentication
are good enough for this.
- The database-to-web-server connection. MySQL can use SSL for the
database connection. Use of https on the web server does NOT protect
the database connection.
If the database-to-web-server connection is LOCAL (both on the same
server), is security really an issue? If you don't trust the people
who can use shell logins into the box, you probably have much worse
problems than snooping localhost, like cracking MySQL directly. If
the database-to-web-server connection goes over your local LAN only,
security may not be an issue if you have good physical security and
few employees who don't have access to the info anyway. If the
database-to-web-server connection is over the Internet, you have a
problem. Use SSL or SSH tunnels for the MySQL connection.
>records using PhpMyAdmin?
If PhpMyAdmin is not set up on a secure (https) web server, it's insecure.
If the database connection to the web server goes over the Internet and
it's not encrypted, it's insecure.
>Does that constitute an insecure
>transmission? Any other thoughts regarding the security of a setup
>like this would also be greatly appreciated.
Gordon L. Burditt
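As an added illustration of the "second connection" point in the reply above (this is example code, not part of the original thread), the PHP below opens the web-server-to-database hop over TLS with the MySQL server's certificate verified against a trusted CA, and then checks the session's `Ssl_cipher` status so that a plaintext link to a remote database is refused rather than silently used. Every host name, credential and certificate path is an assumed placeholder.

```php
<?php
// Added example (not from the original post). Assumed values: the host name,
// credentials and CA path below are placeholders to be replaced.
declare(strict_types=1);

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

// Decide, per the reply above, whether the web-server-to-database hop needs
// its own encryption: a localhost/socket connection stays on the box, anything
// else crosses a network and should be wrapped in TLS (or an SSH tunnel).
function db_hop_needs_tls(string $host): bool
{
    return !in_array($host, ['localhost', '127.0.0.1', '::1'], true);
}

// Open a MySQL connection that is TLS-encrypted AND verifies the server's
// certificate against the CA we trust, so a spoofed database server is rejected.
function connect_financial_db(string $host, string $user, string $pass, string $db, string $caFile): mysqli
{
    $mysqli = mysqli_init();
    if ($mysqli === false) {
        throw new RuntimeException('mysqli_init failed');
    }
    $flags = 0;
    if (db_hop_needs_tls($host)) {
        // Client key/cert left null: only the server is authenticated here.
        // MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT is deliberately NOT set,
        // so a certificate not signed by $caFile aborts the connection.
        $mysqli->ssl_set(null, null, $caFile, null, null);
        $flags = MYSQLI_CLIENT_SSL;
    }
    $mysqli->real_connect($host, $user, $pass, $db, 3306, null, $flags);
    return $mysqli;
}

// Post-connect check: an empty Ssl_cipher means the session is plaintext.
function session_cipher(mysqli $mysqli): string
{
    $res = $mysqli->query("SHOW SESSION STATUS LIKE 'Ssl_cipher'");
    $row = $res->fetch_assoc();
    return $row['Value'] ?? '';
}

$host = 'db.example.internal';   // assumed: database on a different machine
$db   = connect_financial_db(
    $host,
    'webapp',                    // assumed user
    'CHANGE-ME',                 // assumed password
    'finance',                   // assumed schema
    '/etc/ssl/certs/internal-ca.pem'  // assumed CA bundle that signed the DB cert
);

$cipher = session_cipher($db);
if (db_hop_needs_tls($host) && $cipher === '') {
    // Never move financial data over a plaintext network link.
    $db->close();
    throw new RuntimeException('Database connection is not encrypted');
}
echo 'Connected; cipher: ' . ($cipher === '' ? 'none (local connection)' : $cipher) . "\n";
```

If the SSH-tunnel option from the reply is used instead, the tunnel endpoint on the web server is `127.0.0.1`, so `db_hop_needs_tls()` returns false and the script connects in the clear to the local tunnel port; the encryption then lives in the SSH session rather than in MySQL, which is exactly the trade-off the reply describes. The `Ssl_cipher` check is the part worth keeping in any variant: it is the only evidence in-band that the MySQL session is actually encrypted, independent of what the web front end's https does.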