My question is whether or not it is possible to allow DB connections ONLY from a certain domain. I suppose this could be done by checking the referral URL, but I was curious if there is an easier way.
The reason I am asking this is because I had a thought of someone randomly searching for the config.php file on my server and, if they found out, would simply be able to include it and run mysql queries at will. This is definitely something I would not want.
Is it better to just hide the config file in an unusual place?
Thanks in advance,
Phil
First of all, your config.php should not be publicly accessible from the web. Your Web Server should be able to include the file, when needed, but the file itself should never be served up in your web server. With the correct configuration, you shouldn't have to worry about someone "finding" your config.php via a browser.
Also, on the database side, you should set up your database so that it only accepts connections from your web server(s). It should not be publicly accessible to anyone on the internet.
If someone is already on your web server that shouldn't be there, you probably have bigger issues. This might be unavoidable in some shared hosting scenarios, but if that's a concern, get a private server or a hosting provider that will correctly set up permissions for you.
If they are inside the system and can see your files, the chances of you doing much to protect your DB are pretty slim. As for blocking other IPs connecting, you can specifically allow hosts to a DB.
I suppose this could be done by checking the referral URL, but I was curious if there is an easier way.
No. Referer is an HTTP concept, it has no meaning once you get to the database level.
The reason I am asking this is because I had a thought of someone randomly searching for the config.php file on my server
The config file should not be directly accessible over HTTP, and even if it was, it should be executed before being served. So it shouldn't be possible to get to the database credentials remotely.
If you are concerned about other people on the same shared hosting, then your file system permissions should prevent access.
I would control access with my user table. For example, MySQL 5.5 has a mysql.user table with username, password, hostname, and privileges. If you were to set 'hostname' of each user to the specific domain, i.e. "update mysql.user set host = 'somedomain.com' where user = 'root' and host = '127.0.0.1';", the root user would only be able to log in from that domain (unless there were multiple entries for the root user in the user table, which there are). Of course, if you are using only one account for your database access across your application / website, this will not work.
So I have created a MySQL database hosted at db4free.net, and am able to access it easily from the command line or from Java. My concern, however, is I can only access it using my own username, password credentials. I tried to create user, but it appears I cannot as I get Access Denied. I'm assuming I don't have privileges to create users from this hosted database.
Now I want to include access to this online database in my application, but I don't know how without having major security issues. The only apparent way for another user to connect would be to include my own username, password credentials for the database but that is very unsafe.
Any ideas on how I can provide database access to users safely?
From the front door page of the service you're using:
What db4free.net is not
db4free.net is a testing service which means it is not suitable for production. There can be outages, data loss and security features do not meet the standards which you expect from a professional data hosting provider. If you need a MySQL database for production use, please do not use db4free.net!
This seems pretty clear to me. Don't do what you're hoping to do!
Plus, it's not a good idea security-wise to open up a MySQL server to the public internet without using secured connections. Even then it's questionable. Somebody who reverse-engineers your app can pwn your database.
I recently installed the XAMPP stack on a desktop and connected via a laptop on the local network. To my surprise, I was able to access phpmyadmin and delete and update all mysql tables. Though I understand that I shouldn't use xampp for production (and I'm not), I would still like to learn how to manage these types of obvious security flaws. I know that I can block access to directories via .htaccess (http://forum.directadmin.com/showthread.php?t=29089), but I would like something that is a little more comprehensive. How would you restrict running of mysql queries from anywhere except localhost? Is there a way without .htaccess? I thought this was partially the purpose of the root user.
MySQL defines users with domains. If you look at your user_privileges table in the information_schema database you will see that they all have domains. If all your users are defined strictly as localhost, there will be no remote access.
Also, you can edit my.cnf to turn off TCP access to the database, forcing all connections to be by socket. Under [mysqld], include the line skip-networking. You will have to configure all your apps to use the socket connection, but I like the socket better anyway.
This will do nothing to protect your data from someone using phpMyAdmin, if phpMyAdmin is installed on the same machine as the database. The safest thing to do is get rid of that app. That's often not practical, however, as it's a useful tool, and so you need to configure phpMyAdmin to require that users authenticate themselves. That means NOT putting the password in the config file. You will need to think about how long sessions are before reauthentication, and things like that.
phpMyAdmin fills me with a rage hotter than a thousand suns whenever I try to configure it, but it is definitely possible to set things up so a password is required each time you connect to the database through phpMyAdmin. You can further limit the damage phpMyAdmin abusers can do by making sure it only connects as a user with limited privileges (for instance, only able to modify the database you're working on at the moment).
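The answers above tie each account to a host value and note that localhost-only accounts allow no remote access. The following audit of exported (user, host) rows is an added example, not code from the thread: the sample rows, the web server address and the function names are assumptions, and the wildcard matching is a simplified model of how host values match clients.

```python
import re

# Host values that only match connections made on the database machine itself.
LOCAL = {"localhost", "127.0.0.1", "::1"}
# Constructed (user, host) rows, as exported from the account table.
SAMPLE_ACCOUNTS = [
    ("root", "localhost"), ("root", "127.0.0.1"), ("root", "%"),
    ("app", "192.0.2.10"), ("report", "192.0.2.%"), ("legacy", "old.example.com"),
]

def host_regex(pattern):
    """Compile a host value: '%' matches any run of characters, '_' exactly one."""
    body = "".join(".*" if c == "%" else "." if c == "_" else re.escape(c)
                   for c in pattern)
    return re.compile(body, re.IGNORECASE)

def admits(account_host, client):
    """True if the client host name or address matches the account's host value."""
    return host_regex(account_host).fullmatch(client) is not None

def audit(accounts, web_servers):
    """Return (user, host, reason) for rows not limited to localhost or a web server."""
    findings = []
    for user, host in accounts:
        if host.lower() in LOCAL or host in web_servers:
            continue
        reason = "wildcard" if set(host) & {"%", "_"} else "unexpected host"
        findings.append((user, host, reason))
    return findings

def open_to(accounts, client):
    """List the accounts a given client address could try to authenticate as."""
    return [(u, h) for u, h in accounts if admits(h, client)]
```

An empty result from `audit` means every account is bound to localhost or to a listed web server; `open_to` shows which rows a particular address would match before any password is checked.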
I want to give a remote site (owned by someone else) access to the mysql database on my server that is password protected, but I don't want to reveal the actual password to them.
Is it possible to have the mysql access file (with username and pswd) on my server, and they just connect through it, so that their site can access data in my MYSQL db, but I am not actually openly revealing the pswd to them?
Can such access also be given on a read-only basis? I just want to make it so they can query the database, but not download the whole database or make changes to it.
The remote party will need credentials to be able to do anything with your MySQL database. Even if you were to open up some sort of file share to let them get to the physical files, that still doesn't let them do anything with the files (and it is not a good idea to expose the actual files outside of the database server).
Set up a separate user account just for them that provides them with just the permissions they need.
You can limit which MySQL databases they are allowed to access, and exactly what they can do in each individual database.
https://dev.mysql.com/doc/refman/5.5/en/adding-users.html
I am trying to configure the Apache FtpServer for Windows, and I've got most of it running already, however I am having difficulty understanding the database user manager...
I am more or less a complete newbie to this and SQL, however I already have an FTP server up and running in Linux using VSFTPD. The company wants to migrate from Linux to Windows, and I have to create accounts for close to 5,000 users (which is why I want to use the database manager).
Here are my questions:
I can see that the xml configuration controls the connection to the database, but how does it control authentication? Can someone explain which section handles user authentication from the database? EDIT: by user authentication, I do not mean the database connection itself, but rather how FTPServer authenticates a connection THROUGH the database.
How can I prevent / detect brute-force attempts against my server? Our current Linux FTP server uses DenyHosts for port 22 (ssh) and is hit by attacks at LEAST 20+ times a week. Is there any kind of built-in authentication protection, and if not, can anyone suggest a way to create one? I know that the xml config has the max-login-failures setting, which closes the connection after a certain number of attempts, but I need it to completely deny any further access from that IP, and not just close the connection.
Example:
Any attempt to log in with the following usernames results in immediate IP-BAN:
Root
Admin
Administrator
System
etc
Other settings
Attempts for non-existing users results in IP-BAN after # attempts for IP (including different users)
Attempts for existing users results in 60-second time out after # attempts (including different users)
Any and all help would be greatly appreciated. If you have any questions or require clarification on anything, please post a comment and I will make any necessary changes / replies.
Thanks.
See the example under Data source configuration here
Apache Ftpserver does not provide this functionality out of the box. You either have to extend it and program this yourself, or use some external system that parses its log files and dynamically adds/removes firewall rules (something like what fail2ban does on Linux).
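The external log-parsing approach from the answer above, applied to the ban rules listed in the question, as an added example that is not part of the thread or of Apache FtpServer. The log line format, the thresholds standing in for "#", the sample lines and the names LoginGuard and replay are assumptions.

```python
import re
from collections import defaultdict

INSTANT_BAN = {"root", "admin", "administrator", "system"}  # names from the question
LIMIT = {"unknown": 3, "existing": 3}  # assumed values for the question's "#"
TIMEOUT = 60                           # seconds, as in the question
# Constructed log format, not Apache FtpServer's own: "<epoch> LOGIN_FAIL <ip> <user>"
LINE = re.compile(r"^(\d+) LOGIN_FAIL (\S+) (\S+)$")
SAMPLE_LOG = [  # constructed input; alice and bob are the existing users
    "1000 LOGIN_FAIL 198.51.100.7 Root", "1010 LOGIN_FAIL 203.0.113.9 guest",
    "1011 LOGIN_FAIL 203.0.113.9 test", "1012 LOGIN_FAIL 203.0.113.9 oracle",
    "1020 LOGIN_FAIL 192.0.2.44 alice", "1021 LOGIN_FAIL 192.0.2.44 bob",
    "1022 LOGIN_FAIL 192.0.2.44 alice",
]

class LoginGuard:
    def __init__(self, known_users):
        self.known = {u.lower() for u in known_users}
        self.banned = set()             # IPs to hand to the firewall
        self.timeout_until = {}         # ip -> epoch second the time-out ends
        self.fails = defaultdict(int)   # (ip, kind) -> failures, across usernames

    def failure(self, ts, ip, user):
        """Apply the policy to one failed login and return the action taken."""
        if ip in self.banned:
            return "already-banned"
        if user.lower() in INSTANT_BAN:
            self.banned.add(ip)
            return "ban"
        kind = "existing" if user.lower() in self.known else "unknown"
        self.fails[ip, kind] += 1
        if self.fails[ip, kind] < LIMIT[kind]:
            return "counted"
        if kind == "unknown":
            self.banned.add(ip)
            return "ban"
        self.fails[ip, kind] = 0        # restart the count once the time-out is set
        self.timeout_until[ip] = ts + TIMEOUT
        return "timeout"

    def blocked(self, ts, ip):
        return ip in self.banned or ts < self.timeout_until.get(ip, 0)

def replay(lines, known_users):
    """Feed log lines through the policy; lines that do not parse are skipped."""
    guard = LoginGuard(known_users)
    for m in filter(None, (LINE.match(s.strip()) for s in lines)):
        guard.failure(int(m[1]), m[2], m[3])
    return guard
```

The `banned` set is what a separate step would turn into firewall rules; `blocked` covers the temporary 60-second case, which needs no firewall change.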
I was wondering if there is a way or tool that will enable me to have access history/report to my MySQL database (I have no root/shell access on the server). I would like to be able to know when and what user accessed the database, and which table, if possible.
Thanks!
The mysql general query log is used for this but you need access to the server and database to enable it. Be aware, even with connections logged like this, if requests are made from scripts on the server, I ain't sure this will give you the ip as the request is made from localhost.