Posted by Shawn Wilson on 10/12/05 02:56

I've recently been trying to be as 'proper' and secure as possible when it
comes to what I write in PHP and when I store information in mySQL. I'm
looking for some suggestions in regard to how I store sensitive data to
protect it as well as I possibly can.

First, in regards to sensitive information like social security numbers,
credit card numbers, and the like - SSL is a given. Also, encrypting that
information when stored in the DB is a given.

As for a good practice, I've been told to put my main library that contains
my DB username and password in the parent directory to the main WWW
directory so it's not possible to get to it via a browser. That makes sense
and I've begun to do that.

My questions really deal with what if someone happens to brute force my FTP
password? Or what if a malicious employee at my ISP decides to pry?

Once someone has access to my files via FTP or a local console - they could
very easily get my database credentials and also my encryption seed and then
have access to all the secure data in my DB. I can use one-way encryption I
guess, but I'm wanting to remember credit card numbers for future
transactions much like Paypal or eBay, so I need two-way for that right?

Besides the obvious of using a 'strong' password, how can I protect this
data so I can with some certainty believe that my client's data is secure?
Even a strong password won't keep the ISP employee out of it though, so is
there anything I can do to ward off the curious or malicious employee?

Thanks in advance!

--
Shawn Wilson

[Back to original message]