• Hi

    I am trying to figure out a way to protect the MySQL login credentials in the wp-config.php file from prying eyes. It is protected via the .htaccess file from being read via browsing https://site/wordpress/wp-config.php, but I am concerned with the other users of my ISP being able to read it when they are logged in to a shell server. If I set mode 600 on wp-config.php then Apache (which is running non-privileged) can’t read it. The ISP (Sonic.net) recommends placing sensitive files such as those containing login credentials in another directory, removing world read access and accessing them via PHP in CGI mode.

    https://www.sonic.net/support/faq/advanced/phpwrap/#shellscript

    I’m not sure if I should try to wrap the entire /wordpress directory or if I should try to separate all or part of wp-config.php and wrap it separately. There seem to be quite a few other files that call wp-config.php that I would need to change to the new path if I move it, so that doesn’t seem like a good idea for a number of reasons.

    If anyone who has set WordPress up to mitigate this vulnerability can clue me in, I’d mightily appreciate it.

    Thanks

    Claude

Viewing 8 replies - 16 through 23 (of 23 total)
  • > It is protected via the .htaccess file from being read via browsing https://site/wordpress/wp-config.php,

    You realize that people can’t view the contents of PHP files from their browser, right?

    Take a look:
    How to determine if your sensitive data is safe in shared hosting

    > You realize that people can’t view the contents of PHP files from their browser, right?

    That doesn’t offer any protection if users sharing the same web host can view the files directly.

    > That doesn’t offer any protection if users sharing the same web host can view the files directly.

    Don’t proper hosts not allow one account to access the files in another account?

    You would think so, but from the sounds of it, not necessarily.

    @viper007bond
    It’s all in permissions. If you have a file with 777 then what prevents another user in shared hosting setup to basically cat/rm the file?

    Normally they set up default permissions properly. However, you are free to change it.

    The ground rule of permissions is to assign the lowest possible to make things work. And never 777 anything.

    This was a repeat of the last post. So deleted.

    Thread Starter claudel

    (@claudel)

    It is *not* an issue of people being able to read the credentials file via a browser.
    Part of the problem is that the webserver (Apache) runs as an unprivileged user, which is good. The bad part is that the credentials file needs to be readable by the webserver, which means the file permission needs to be world-readable, which allows other users on the shell machine read access as well as the webserver. I’m almost to the point where I can spend enough time to work out a solution, and I’ll post here what I figure out.

    Claude

    Hi claudel,

    I implemented the solution you linked to in your first post:
    https://www.sonic.net/support/faq/advanced/phpwrap/

    It’s really easy to do, and works well. I’ve now got a config file that is private. Yes, the whole thing runs as me instead of ‘nobody’, but I think that’s better than having my credentials exposed.

    You do need to wrap all the PHP scripts in the wordpress directory, because any of them may access the config file. It’s the entry point that defines which user the code runs as, so you can’t just wrap wp-config.php alone.

    No other files need to be wrapped, however. If you follow the instructions at the above link, you’ll get the desired result.

    I only did one thing differently: wp-config.php is the only file I care about, so it’s the only one I changed permissions for. It’s set to -rw------- (600), while the rest are still set to -rw-r--r-- (644).

    Good luck!
    Alex
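The check behind the two posts above (Claude’s point that a world-readable wp-config.php is open to every other shell user on the box, and Alex’s fix of running PHP as his own account so the file can be mode 600), as an added example that is not code from the thread and not Sonic.net’s phpwrap instructions. It is a POSIX shell script that lists PHP files under a WordPress tree that are readable by "other" and contain a DB_PASSWORD define, and locks them down to 600. The directory path and the DB_PASSWORD marker are assumed for illustration; the sample files in the test are constructed. It assumes PHP already runs as your own user (via the CGI wrapper Alex describes); under a shared "nobody" Apache a 600 config file is unreadable by the web server and the site breaks.

```shell
#!/bin/sh
# Added example (not from the thread or from Sonic.net): audit a WordPress
# tree for world-readable files that carry database credentials and lock the
# offenders down to mode 600 (owner read/write only).
# Assumptions: the tree path is given as $1; credentials are identified by a
# DB_PASSWORD define, which is where WordPress keeps them in wp-config.php.
# Run lock_down only once PHP executes as your own account (CGI wrapper);
# otherwise Apache's unprivileged user can no longer read the config.

# Print every PHP file under $1 whose "other" read bit is set (-perm -004)
# and that defines DB_PASSWORD. Empty output means nothing is exposed.
find_exposed_credentials() {
    find "$1" -type f -name '*.php' -perm -004 \
        -exec grep -l -e 'DB_PASSWORD' {} + 2>/dev/null
}

# Strip group and other bits entirely: the web server reads the file as you,
# so nobody else on the shell host needs any access at all.
lock_down() {
    for f in "$@"; do
        chmod 600 "$f"
    done
}

# Symbolic mode string of a file (e.g. -rw-------). ls is used because the
# flags of stat(1) differ between GNU and BSD userlands.
mode_of() {
    ls -l "$1" | cut -c1-10
}

# Usage: sh audit_wp_config.sh /path/to/wordpress
if [ "$#" -gt 0 ]; then
    exposed=$(find_exposed_credentials "$1")
    if [ -n "$exposed" ]; then
        echo "World-readable credential files:"
        echo "$exposed"
        # one path per line; read line-wise so paths with spaces survive
        echo "$exposed" | while IFS= read -r f; do lock_down "$f"; done
        echo "Locked down to 600; confirm the site still loads before logging out."
    else
        echo "No world-readable credential files under $1"
    fi
fi
```

Two things worth checking after running it: that a page of the site still renders (proof that PHP really is executing as your user and not as Apache’s), and that the directory containing wp-config.php is not itself group- or world-writable, since a writable directory lets another user replace the file regardless of its own mode. As Alex notes, the trade-off of the wrapper approach is that any PHP bug in the WordPress tree now runs with your account’s privileges rather than "nobody"’s.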

  • The topic ‘How do I protect MySQL Login credentials?’ is closed to new replies.