问题
I'm in the unfortunate position of having to sync a local microsoft access database with a remote mysql database.
I have written a php script which will sync the databases every 10 minutes. However I'm definitely concerned about security.
So far I have set up remote mysql with cpanel, this allows only my I.P address to make connections. I've also made sure the user I'm connecting with has limited permissions.
However, I'm aware that the data I'll be sending back and forth will be unencrypted. Is there anything I can do to make sure my data is encrypted? I'd also like to know whether my mysql username/password is currently encrypted the way I have it set up?
Lucas
回答1:
You can use secure connection to MySQL:
MySQL side: http://dev.mysql.com/doc/refman/5.5/en/secure-connections.html
PHP side: http://php.net/manual/en/mysqli.real-connect.php (MYSQLI_CLIENT_SSL flag)
I have not worked with SSL connections to MySQL with PHP, but, I think it is not hard to find needed information on http://php.net, http://dev.mysql.com and http://google.com
Update
This may help: http://www.madirish.net/node/244, PHP to MySQL SSL Connections, http://www.php.net/manual/en/mysqli.ssl-set.php
回答2:
You could use the PHP mcrypt functions to encrypt and decrypt the data.
A good example of this can be found right on SOF: Best way to use PHP to encrypt and decrypt?
来源:https://stackoverflow.com/questions/9004249/securing-remote-mysql-connection