php - Submit Form Data through Web Server to MySQL Server using Stunnel? -


I have a form that users can fill, and the data will be stored in a MySQL database using PHP . The connection to the Apache server is encrypted with HTTPS, and I want to encrypt the connection to MySQL database. Both Apache and MySQL are on the same server machine.

I dug around the interwab and I think what I need is what I need. OpenSSL and SSL are supported and active on the server, because we have been given the option of using standard ports and stanel ports to connect to the MySQL server. However, all the articles I found online deal with using a stainless steel to connect a MySQL client to an external MySQL server, but PHP was not used to connect to a local MySQL server. Do I have the right to believe that just because the form is transmitted via https, does not it mean that the connection to the database is also encrypted?

Database "," standardport ");

This works fine using standardport though, if I change it to a stern port, then I get a connection time-out error. I'm obviously missing something ; Any help and advice is appreciated! Thanks!

You have already said that you use HTTPS connection to encrypt traffic between the client browser Your webservers and webservers and MySQL examples are on the same machine.

It is safe to pat the HTTPS connection, you need to protect your data on the public network, and use a secure tunnel. A connection that exists only on the local machine, just adds an unnecessary layer of complexity.

Consider the following examples.

The first method is to see how the connection without a secure tunnel

Browser & lt; - HTTPS - & gt; [Webserver & lt; - & gt; Mysql]

So in this scenario, the connection between the webserver and mysql is unencrypted, to inspect all the traffic between a server (based on permissions) and the server using the machine / Or the physical database from the disk itself.

Now, with a secure tunnel

[webserver & lt; - & gt; Stunnel & lt; - Encrypted - & gt; Stunnel & lt; - & gt; MySQL]

I hope you can see that the connection between the webserver and a secure tunnel endpoint, and connections between mysql and other endpoint are both encrypted in this scenario, In the same way, a person with access to the machine can possibly see all the traffic and read the database from the disk.

No additional security is achieved.

Finally

[webserver & lt; - & gt; Stunnel] & lt; - Encrypted - & gt; [Stunnel & lieutenant; - & gt; Mysql]

When you are using two different servers, the local traffic is still unencrypted, although the stanel is between the two machines on the Between stream Protects anyone with the local access to the machines and can read the data, however there will be no one to see the network traffic between the servers.

A solution?

All this said, if you really want to encrypt the traffic between PHP and MySQL on the same machine, then a slightly better solution exists before using the stunnel.

MySQL basically supports SSL, as PHP does when both compile with SSL support

provide MySQL manual details and PHP function

By using this combination, you can basically encrypt the connection between PHP and mysql servers.

[webserver & lt; - encryption - & gt; Mysql]

However Anyone with access to the machine can still read the Unencrypted database from the disk, and may be able to run To memorize the processes.

You are absolutely right, the internet is a dangerous place, and proper security is necessary. If your server is included in the data, then it is not safe, everything is lost, there is nothing that you take precautions about how the data enters and leaves it.

Comments

Post a Comment

Popular posts from this blog

Python SQLAlchemy:AttributeError: Neither 'Column' object nor 'Comparator' object has an attribute 'schema' -

I tried to create a new database in my project, but when I run the script, I get this error, I have another project, this type of definition worked before, but now it gets a single error. I am using Python 2.7.8 and the version of SQLAlchemy module is 0.9.8. By the way, using a project flask- SQLAlchemy, it works well, I'm confused. Traceback information is as follows: Traceback (most recent call final): File "D: / Projects / IOM / db_create.py", line 4, & lt; Module & gt; From the models the base file "D: \ Projects \ OO-IM \ models.py", in line 15, in the & lt; Module & gt; Column ( 'followed_id', int (), ForeignKey ( 'user.id')) file "C: \ Python27 \ lib \ site-packages \ SQLAlchemy \ SQL \ schema.py", line 369, __new__ schema = metadata. Schema file "C: \ Python27 \ lib \ site-packages \ SQLAlchemy \ SQL \ elements.py", line 662, AttributeError in __getattr__ key): Neither 'column' object nor ...
Read more

java - How not to audit a join table and related entities using Hibernate Envers? -

I use Eners to be hibernate to audit my institutions. I have an audit entity, Foo , which includes a list & lt; Bars & gt; However, I do not want to audit the bar institutions, in the form of properties, I have written that: @inti @edicated public class Foo {@JoinTable (name = "T_FOO_BAR", joinColumns = @JoinColumn (name = "FOO_ID"), inverseJoinColumns = @JoinColumn (Name = "BAR_ID")) @ManyToMany (Cascade = Persist) @ Indited (targetAuditMode = RelationTargetAuditMode.NOT_AUDITED ) Public listing & lt; Bars & gt; GetBars () {Return bars; }} Now, I want to retrieve an amendment of foo : AuditReader reader = AuditReaderFactory.get (GetEntityManager ()); FU modification = (FU) reader.CreativeTeA () .entensEtrevision (Foo Class, 42) .getSingleResult (); Unfortunately, when I want to retrieve all the data (i.e. when it loads lazy times ), error me ORA-00942: table or view is not present , because Tried to query this: Sel...
Read more

mongodb - CakePHP paginator ignoring order, but only for certain values -

While pagging my user model in kppp, I can sort with some values, but not others. For example, I can order results from created or email , for example, but username or reputation seems to come back order by arbitrary command for example with a list of users: $ this-> paginate = array ('condition' => array ( 'User.is_active' = & gt; true), 'border' => 24, 'order' => array ('User.created' => DESC)); Works as expected, but $ this - & gt; Paged = array ('conditions' = & gt; array (' user.isIactive '= & gt; true),' border '= & gt; 24,' command '= & gt; array (' user repeats' = ' & Gt; DESC ')); No, no. I first thought that this could be a database issue, but when I search the database directly, sorted as expected. Note: I am using Mangodebi with the Mongo DB plugin of Ichikawa for the KPPHP; Pagnetizing users are used to work properl...
Read more