So I finished a small application that I am using only on my computer to avoid any problems on the net in regards to security (name it hackers/crackers/enthusiast/whichever).
Since there is no easy way to ask a question like What is the best way to create a secure applicationI decided to send the question out there and ask to what everyone thinks or believes is a secure way to create their applications.
I have been working with PHP/mySQL as user not much as developer for the past years but now trying to learn more about the developer side, I have hit a wall once I have faced Security.
For a while I was certain that putting my sql connection in a PHP file it was ok, this believe was even stronger while using different applications out there that place their connections logarithms inside folders named as simple as connections, and if we want to examine this theory further if you create a Database Connection in Dreamweaver the application itself will create a folder titled Connections and inside that folder it will write the scripts necessary to connect to your DataBase.
With all this in mind I ran into a basic tutorial that highlighted the importance of having your connections secure and one recommendation was to place your connections script (or PHP file) under a password protected directory. This would be an overkill IMHO and not only that but securing a password with another password?
One thought on “The TRUTH about PHP/mySQL security Part I”
Comments are closed.