• Hi
    I was trialling the CloudFlare integration with this plugin but noticed that the cloudflare_api_key isn’t encrypted at rest. Is there a way to enforce this via hook/have this implemented?
    Thanks

Viewing 5 replies - 1 through 5 (of 5 total)
  • Hi,

    We don’t encrypt the API key because there is no way to securely store the decryption key. In order to steal your API key you would need to install a malicious plugin or your server would have to be compromised. In either of these cases the attacker would have access to the decryption key (or the plain text API key) so encrypting it doesn’t help much.

    That being said if you’re aware of a way we could store the API key more securely we would love to hear!

    Thanks,
    John

    Thread Starter mclaurent

    (@mclaurent)

    Hi John

    You are correct. However we would like to combat a potential risk of just the database being compromised. Many WP sites use third party backup tools (say BackupBuddy, VaultPress, CodeGuard), to keep a snapshot of the database somewhere safe in case the server suffers a fault or something fatal happens to the server. If the third party is being attacked and the database downloaded, the attackers would easily be able to find the unencrypted CF credentials. Another scenario would be with shared hosts not keeping their servers secure or a remote database server that is compromised.

    The simplest solution would be using one of the salt values in the wp-config.php to encrypt/decrypt the credentials. If attackers managed to break into the database and not the filesystem, they would only be able to see the encrypted information and not be able to access the salt-keys they would require to decrypt the credentials.

    Thanks

    • This reply was modified 7 years, 3 months ago by mclaurent.
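    The scheme proposed above (a key taken from a wp-config.php salt, so a database-only dump yields ciphertext without the material needed to open it) can be sketched as follows. This is an added example, not the plugin's own code or anything Cloudflare has shipped; the option name `cloudflare_api_key`, the `enc1:` prefix, the `cf_` function names and the sample salt/key values are assumptions made for the illustration.

```php
<?php
// Added example (not the Cloudflare plugin's code): keep cloudflare_api_key
// encrypted at rest using a key derived from a wp-config.php salt.
// Requires PHP 7.2+ (bundled libsodium).

// In a real install SECURE_AUTH_KEY comes from wp-config.php. The value here is
// a constructed stand-in (same 64-char shape WordPress generates) so the file
// runs stand-alone; never hard-code a real salt in plugin code.
if (!defined('SECURE_AUTH_KEY')) {
    define('SECURE_AUTH_KEY', 'CONSTRUCTED-SAMPLE-SALT-0123456789abcdefghijklmnopqrstuvwxyz!@#$');
}

// Hypothetical option name; version tag lets a future format change be migrated.
const CF_OPTION_NAME = 'cloudflare_api_key';
const CF_ENC_PREFIX  = 'enc1:';

function cf_derive_key(): string {
    // Bind the key to the salt AND to this secret's name, so two secrets
    // protected by the same salt never share an encryption key.
    return sodium_crypto_generichash(
        SECURE_AUTH_KEY . '|' . CF_OPTION_NAME . '|' . CF_ENC_PREFIX,
        '',
        SODIUM_CRYPTO_SECRETBOX_KEYBYTES
    );
}

function cf_encrypt_api_key(string $plaintext): string {
    // Fresh random nonce per write; stored alongside the ciphertext.
    $nonce  = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $cipher = sodium_crypto_secretbox($plaintext, $nonce, cf_derive_key());
    return CF_ENC_PREFIX . base64_encode($nonce . $cipher);
}

/**
 * Returns the plaintext key, the legacy unencrypted value if the row predates
 * encryption (so it can be re-saved and migrated), or null when the stored
 * value is malformed, tampered with, or was encrypted under a different salt.
 */
function cf_decrypt_api_key(string $stored): ?string {
    if (strncmp($stored, CF_ENC_PREFIX, strlen(CF_ENC_PREFIX)) !== 0) {
        return $stored; // legacy plaintext row
    }
    $raw = base64_decode(substr($stored, strlen(CF_ENC_PREFIX)), true);
    $min = SODIUM_CRYPTO_SECRETBOX_NONCEBYTES + SODIUM_CRYPTO_SECRETBOX_MACBYTES;
    if ($raw === false || strlen($raw) < $min) {
        return null;
    }
    $nonce  = substr($raw, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $cipher = substr($raw, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $plain  = sodium_crypto_secretbox_open($cipher, $nonce, cf_derive_key());
    return $plain === false ? null : $plain; // false = MAC failure (tampered / wrong salt)
}

// Inside WordPress, wire the transform into the option read/write path via the
// core pre_update_option_{$option} and option_{$option} filters. Guarded so the
// file still runs outside WordPress.
if (function_exists('add_filter')) {
    add_filter('pre_update_option_' . CF_OPTION_NAME, function ($value) {
        return is_string($value) && $value !== '' ? cf_encrypt_api_key($value) : $value;
    });
    add_filter('option_' . CF_OPTION_NAME, function ($value) {
        return is_string($value) ? cf_decrypt_api_key($value) : $value;
    });
}

// Stand-alone round-trip with a constructed sample (not a real Cloudflare key).
$stored = cf_encrypt_api_key('sample-api-key-not-real');
var_dump(strncmp($stored, CF_ENC_PREFIX, 5) === 0);              // value is no longer plaintext in the DB
var_dump(cf_decrypt_api_key($stored) === 'sample-api-key-not-real');
var_dump(cf_decrypt_api_key(CF_ENC_PREFIX . base64_encode(str_repeat("\0", 40))) === null); // tampered row rejected
```

    Two practical caveats follow from the thread itself: this protects only against the database-without-filesystem case the poster describes, since anyone who can read wp-config.php (a malicious plugin, a compromised server) still obtains the salt; and rotating SECURE_AUTH_KEY will make the stored value fail to decrypt, so the plugin should treat a `null` as "re-enter the key" rather than silently continuing.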

    All valid points. I’m not opposed to this idea. I’ve opened PI-1230 internally to track adding this to the WordPress plugin.

    Thanks,
    John

    Thread Starter mclaurent

    (@mclaurent)

    Hi John,

    Have you heard back about this feature at all?

    Thanks

    Hi @mclaurent,

    We have created the ticket regarding the issue. In our future releases this feature should be added. Currently we don’t have a date for our next plugin release.

    Thanks
