Connection parameters exposed

Yes, your concern is valid. Storing the MySQL connection string in a file like ConnectionsManager.php can expose your database to potential security risks if not properly secured. Anyone with access to that file could potentially obtain the connection details and perform unauthorized actions on your database.

Here are some recommendations to improve the security of your application:

1. File Access Restrictions:

   • Ensure that only necessary users have access to critical files like ConnectionsManager.php.
   • Set file permissions so that only the web server (e.g., Apache or Nginx) and the system administrator can read it.
   
   
   
   

2. Server Security:

   • Restrict MySQL server access to only accept connections from specific servers or known IP addresses.
   • Configure a firewall to protect your server from unauthorized access.
   
   
   
   

3. Use Strong Passwords:

   • Use strong and unique passwords for your database.
   • Consider changing passwords periodically.
   
   
   
   

4. Connection Encryption:

   • If possible, use encrypted connections (SSL/TLS) between your application and the MySQL server.
   
   
   
   

5. Auditing and Monitoring:

   • Enable logging and monitoring of accesses and activities on your database server to detect and respond to suspicious activities quickly.
   
   
   
   

6. Database Roles and Permissions Management:

   • Limit the privileges of database users. For example, the user your application uses to connect to the database should have only the minimum necessary permissions.
   
   
   
   

7. Source Code Protection:

   • If you are using a version control system (like Git), ensure that sensitive files are not included in public repositories.
   
   
   
   

By implementing these practices, you can minimize the risk of your database connection details being misused by unauthorized individuals.

you can store (and I would recommend it) outside the webroot and import them in the ConnectionsManager, like it's done in an .env file in other frameworks.

$DatabaseAccess = parse_ini_file('PATH TO YOUR CRED-FILE");
$host=$DatabaseAccess['dbhost']:
$user=$DatabaseAccess['user']:
$pwd=$DatabaseAccess['pwd']:
$port=$DatabaseAccess['port']:
$sys_dbname=$DatabaseAccess['sys_dbname']:

And in your cred-file write down the above variables and values.

Finally remove the connection setting you stored before and do a clean rebuild, at least if you're using the same credentials.

Thank you sfuente. Great tips. I will explore SSL/TLS route.

@MikeT, I like your solution. Just a few questions:

1. Where do you suggest I store the cred-file? And what format is it, txt?
2. Where do I put the import code? AfterAppInit?

So the cred-file will have:
dbhost='xxxx';
user='xxx';
...and so on or do I need the '$' lik ($dbhost='xxx';)

Thanks again

1. Just somewhere above the webroot, you have to choose where and then enter the correct path in PATH TO YOUR CRED-FILE

   
   

2. The import code (the stuff I gave an example of) goes into the setting in phprunner where you put in the db credentials

   
   

I think this should be in the official documentation, hope they'll put it there some day.
Or just switch to .env files for this stuff as it is some kind of standard in the php/webapp world now.

It won't give you absolute security of course (you e.g. still have to take care on who has access to your server etc.), and there's a lot of (philosophical) discussion around this, but IMO it's just good practice to do it like that for a live/exposed application.

Im sorry mikeT, but Im still a little lost.
On point 2 where you say

This is where I put my db credentials and I dont see how I put this code there

Could you please dumb it down for me
Thanks
Percy

In the Tab "Output" in the section "server database connections".
Create a new preset there by clicking "New". In the popup then add the text as I wrote.

Then create a file that you will store outside the webroot, call it what you want, e.g. prod_db.ini
In this file you need:

[database]
dbhost=YOUR DB HOST URL
user="YOUR DB USER NAME"
pwd="YOUR DB USER PASSWORD"
port="PORT IF YOU DON'T USE A DEFAULT PORT"
sys_dbname="NAME OF YOUR DATABASE"

you need to make sure that the path you give to parse_ini_file is correct, i.e. is the path to the location of your the file you've stored outside the webroot.

Also: if you want to prevent that the credentials show up in the ConnectionManager, delete the preset you used before in "server database connections" and do a clean rebuild.

mikeT,
I really appreciate your time. That seems to have worked!
But the old connection is still showing in the ConnectionsManager.php file
I tried to delete it from here (image below) but probably because it was the default the "Delete: button is inactive

So I tried deleting it directly from the ConnectionsManager.php file but then the app wont load anymore. So with the old connection still in there Im not sure if the new connection I created is being used

And when you say do a "clean" build, what exacly is that

Thanks again
Percy

The default settings will be the ones you enter on the first screen in phprunner when you begin your project.
Usually (or best practice IMO) would be that you use separate user/pw there and a local database (XAMP, docker, local server etc etc).

These default credentials will always be in the output, but if they're for a local database and different from production credentials, it's no problem.

Clean build: Just a full build.

Got it. Solved!
Thanks so much MikeT. You are awesome!!