Security
Most of the work we do with MySQL is for the web. Whether you use Dreamweaver or
PHP or any other means of displaying MySQL data on the web, your username and
password must be embedded in your web files and readable to the web server.
This means that your username and password are readable by anybody who shares access to
your server.
Because of this, most web hosting providers that give you MySQL access will give you
multiple passwords. Each provider will have different policies, but you are likely to receive:

- A password that can do anything to your database, from anywhere on the net.
  Sometimes you'll need to enable it for anywhere on the net. You must safeguard this
  password carefully. Anybody who acquires this password will be able not only to see
  your data but also to modify it. They will even be able to modify the structure of
  your database. You should never, ever use this password for your web pages.

- A password that can only see your database, and only from the web server. If your
  web page is only displaying data, not changing it, this is the password you want to
  use. If someone acquires this password without getting access to your web server,
  they can't use it. If someone hacks into your server and gets this password, they can
  only use it to see your data, not to change it.

- A password that can see your database and insert records, but cannot change records,
  and only from the web server. If your web page is displaying and collecting data, but
  is not modifying data, this is the password to use: a hacker who gains access to both it
  and your server can see data and can add data, but cannot modify existing data.

- A password that can see your data and can modify data, and only from the web server.
  If your web pages need to be able to modify data, you'll use this password for your
  web files. It means that anyone who acquires that password can modify data, but at
  least they cannot modify the structure of your tables.
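The four password levels above correspond to four MySQL accounts that differ in which privileges they hold and from which host they may connect. The statements below are an added example, not taken from the book or from any hosting provider; the database name `webdb`, the account names and the `CHANGE-ME-...` passwords are assumptions to be replaced with your own, and `localhost` assumes the web server and the MySQL server are the same machine.

```sql
-- Added example: four accounts mirroring the four password levels.
-- Assumed names: database `webdb`, users `webdb_admin`, `webdb_read`,
-- `webdb_collect`, `webdb_edit`. Passwords are placeholders.

CREATE DATABASE IF NOT EXISTS webdb;

-- 1. Can do anything to the database, from anywhere ('%' = any host).
--    Never put this one in a web file.
CREATE USER 'webdb_admin'@'%' IDENTIFIED BY 'CHANGE-ME-admin';
GRANT ALL PRIVILEGES ON webdb.* TO 'webdb_admin'@'%';

-- 2. Read-only, and only from the web server itself.
CREATE USER 'webdb_read'@'localhost' IDENTIFIED BY 'CHANGE-ME-read';
GRANT SELECT ON webdb.* TO 'webdb_read'@'localhost';

-- 3. Read and insert new records, but not change existing ones;
--    only from the web server.
CREATE USER 'webdb_collect'@'localhost' IDENTIFIED BY 'CHANGE-ME-collect';
GRANT SELECT, INSERT ON webdb.* TO 'webdb_collect'@'localhost';

-- 4. Read and modify data, but not the table structure (no CREATE,
--    ALTER or DROP); only from the web server.
CREATE USER 'webdb_edit'@'localhost' IDENTIFIED BY 'CHANGE-ME-edit';
GRANT SELECT, INSERT, UPDATE, DELETE ON webdb.* TO 'webdb_edit'@'localhost';

-- Check what each account is actually allowed to do before using it
-- in a web file.
SHOW GRANTS FOR 'webdb_read'@'localhost';
SHOW GRANTS FOR 'webdb_collect'@'localhost';
SHOW GRANTS FOR 'webdb_edit'@'localhost';
```

If the web server runs on a different machine from MySQL, replace `'localhost'` in accounts 2 to 4 with that machine's host name or IP address; the point is that the account is rejected from anywhere else, so a password copied out of a web file is useless on its own.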
You should ensure that the level of security you have on your server matches the level of
security that you need. Remember that in any scenario other people who have accounts on
your server will be able to do anything to your records that your web page can. You should
only store information in your database that you are comfortable with, knowing that this is
true.
If you are at a university, working on a departmental web page, often every other department
has access to the same web server that you do. Whoever the other departments let work on
their files can see your files, and thus can see your password.
If you are at a university, working on a personal or professional web page, or hosting your
web pages on a third party hosting provider, usually everyone else at the provider will have
access to the same web server. Every one of them will be able to access your files and thus see
your password. Store information only to the extent that you trust those others and that you
would not mind them seeing or changing.
Because of this, regular backups are essential. You should make backups as often as you
change data.