How to secure database passwords in PHP?

后端 未结 16 1207
闹比i
闹比i 2020-11-21 22:41

When a PHP application makes a database connection it of course generally needs to pass a login and password. If I\'m using a single, minimum-permission login for my applica

16条回答
  •  南笙
    南笙 (楼主)
    2020-11-21 23:17

    Several people misread this as a question about how to store passwords in a database. That is wrong. It is about how to store the password that lets you get to the database.

    The usual solution is to move the password out of source-code into a configuration file. Then leave administration and securing that configuration file up to your system administrators. That way developers do not need to know anything about the production passwords, and there is no record of the password in your source-control.

提交回复
热议问题