php 如何使我的数据库连接安全?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/2345773/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How do I make my database connection secure?
提问by JoeCortopassi
I'm currently working on a website for my church's college group, and am started to get a little worried about the security of what I'm writing. For instance, I use this function:
我目前正在为我教会的大学小组开发一个网站,并且开始有点担心我所写内容的安全性。例如,我使用这个函数:
function dbConnect()
{
global $dbcon;
$dbInfo['server'] = "localhost";
$dbInfo['database'] = "users";
$dbInfo['username'] = "root";
$dbInfo['password'] = "password";
$con = "mysql:host=" . $dbInfo['server'] . "; dbname=" . $dbInfo['database'];
$dbcon = new PDO($con, $dbInfo['username'], $dbInfo['password']);
$dbcon->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$error = $dbcon->errorInfo();
if($error[0] != "")
{
print "<p>DATABASE CONNECTION ERROR:</p>";
print_r($error);
}
}
to connect to the database whenever I do a query of some sort. I always use the PDO prepared statements to prevent SQL injection from any user input, and I use htmlspecialchars to escape before outputting. My question is this: How do I protect my username and password for my database?I don't know if someone can view the source for my PHP files, but if they could, I can only imagine I would be hosed. What do I do?
每当我进行某种查询时连接到数据库。我总是使用 PDO 准备好的语句来防止来自任何用户输入的 SQL 注入,并且我在输出之前使用 htmlspecialchars 进行转义。我的问题是:如何保护数据库的用户名和密码?我不知道是否有人可以查看我的 PHP 文件的源代码,但如果可以,我只能想象我会被灌输。我该怎么办?
采纳答案by Skilldrick
You should put your database credentials in a file outside of the document root, so if something messes up and your PHP gets shown to users un-parsed, no-one will be able to see your password.
您应该将您的数据库凭据放在文档根目录之外的文件中,这样如果出现问题并且您的 PHP 显示给用户未解析,则没有人能够看到您的密码。
Have a look at this article on the subjectthis article on the subject:
The solution is simple. Place all sensitive data outside of your web server's document root. Many experts now advocate placing most, if not all, of your php code outside of your web server's document root. Since PHP is not limited by the same restrictions are you web server, you can make a directory on the same level as your document root and place all of your sensitive data and code there.
解决方法很简单。将所有敏感数据放在 Web 服务器的文档根目录之外。许多专家现在提倡将大部分(如果不是全部)php 代码放在 Web 服务器的文档根目录之外。由于 PHP 不受 Web 服务器的限制,因此您可以在与文档根目录相同的级别上创建一个目录,并将所有敏感数据和代码放在那里。
回答by cletus
Ok, this needs some clarification. Some have suggested that you put sensitive data outside the document root. This has somemerit but is more placebo than anything else in practicality.
好的,这需要一些澄清。有人建议您将敏感数据放在文档根目录之外。这有一些优点,但实际上比其他任何东西都更像是安慰剂。
You have to consider potential sources of problems.
您必须考虑问题的潜在来源。
Someone with shell access to the machine will compromise your database connection information regardless of where you put it. This can include both authorized users and those who exploit a vulnerability to get shell access (this has happened a lot);
If PHP is disabled or the Web server is fooled into thinking it is then there is the possibility that PHP files are served in raw form. Putting them outside the document root will protect you against this;
If someone somehow manages to write a PHP script to the document root, it's basically the same as someone having shell access so no measure will protect you.
不管你把它放在哪里,对机器有 shell 访问权限的人都会破坏你的数据库连接信息。这可能包括授权用户和利用漏洞获得 shell 访问权限的用户(这种情况经常发生);
如果 PHP 被禁用或 Web 服务器被愚弄认为它是,那么 PHP 文件可能以原始形式提供。将它们放在文档根目录之外将保护您免受此影响;
如果有人以某种方式设法将 PHP 脚本写入文档根目录,这与具有 shell 访问权限的人基本相同,因此没有任何措施可以保护您。
Practically, if your Web server is compromised it is, the cases where your config files are outside the document root will protect you are fairly unlikely.
实际上,如果您的 Web 服务器受到威胁,那么您的配置文件在文档根目录之外的情况将不太可能保护您。
The main point of security with databases is to ensure that someone from the internet can't connect directly. This can be done with a firewall, binding the database to a private IP address or putting the database on a private server.
数据库安全的主要目的是确保互联网上的某个人无法直接连接。这可以通过防火墙完成,将数据库绑定到私有 IP 地址或将数据库放在私有服务器上。
回答by Josh
There are precautions you can take. Create a mySQL user that is specific to what your application needs to be able to do. This can limit the amount of damage an attacker can do if he's compromised your username and password. For instance, allow the user to insert, update, select etc, but NOT drop, etc. Further, as cletus mentioned, the database should not be accessible to the outside. On shared hosting environment, this usually means the db can only be connected to from your www server or localhost.
您可以采取一些预防措施。创建特定于您的应用程序需要能够执行的操作的 mySQL 用户。如果攻击者泄露了您的用户名和密码,这可以限制攻击者可以造成的损害程度。例如,允许用户插入、更新、选择等,但不能删除等。此外,正如 cletus 所提到的,外部不应访问数据库。在共享主机环境中,这通常意味着数据库只能从您的 www 服务器或本地主机连接。
Re: kalpaitch, don't pass your password around in some reversible hash. People should never see your source.
回复:kalpaitch,不要在一些可逆散列中传递你的密码。人们永远不应该看到你的来源。
