Database Security

As a brief conclusion to this chapter, I should mention a few of the security issues to consider when using and administering your databases. Then I will demonstrate two final MySQL functions that can be used to encrypt data.

Security practices

If you have administrative-level control over your database, you should keep in mind the following:

  • Do not allow anonymous users to connect to MySQL.

  • Always require a password to connect to MySQL.

  • Require users to also specify a hostname. This limits the hosts from which users can connect to MySQL (although it can be more tedious to manage).

  • When storing sensitive information in a table, particularly passwords, protect the data first using either the PASSWORD() or ENCODE() functions, which will be ...
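The first three practices above can be checked and applied from the mysql client. This is an added example, not code from the book. It assumes MySQL 5.7 or later (where `mysql.user` has the `authentication_string` and `plugin` columns) and an administrative login; the account name, host address and password are constructed placeholders.

```sql
-- Added example: audit and tighten account definitions.
-- Names, addresses and the password below are constructed placeholders.

-- 1. Anonymous accounts have an empty user name.
SELECT User, Host
  FROM mysql.user
 WHERE User = '';

-- Remove an anonymous account reported above (repeat per Host value).
DROP USER IF EXISTS ''@'localhost';

-- 2. Accounts that can connect without a password.
--    Accounts that authenticate through a socket/peer plugin also show
--    an empty credential, so review the plugin column before acting.
SELECT User, Host, plugin
  FROM mysql.user
 WHERE authentication_string = ''
    OR authentication_string IS NULL;

-- 3. Accounts whose host part contains a wildcard and therefore
--    does not restrict where the user connects from.
SELECT User, Host
  FROM mysql.user
 WHERE LOCATE('%', Host) > 0;

-- 4. Define an account with both a password and a specific host.
--    192.0.2.10 is a documentation address standing in for the web server.
CREATE USER 'webuser'@'192.0.2.10'
  IDENTIFIED BY 'replace-with-a-strong-password';

-- Confirm the account exists only for that host.
SELECT User, Host
  FROM mysql.user
 WHERE User = 'webuser';
```

On servers older than 5.7 the stored credential is in the `Password` column instead of `authentication_string`, and `DROP USER` does not accept `IF EXISTS`.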
