Ravens PHP Scripts: Forums
 

 
  Forum Index  •  Forum FAQ  •  Search  •  Memberlist  •  Usergroups  •  Profile  •  Log in to check your private messages  •  Log in

base_64 encode config.php or?
 View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> How To's
Author Message
sixonetonoffun
Spouse Contemplates Divorce



Joined: Jan 02, 2003
Posts: 2496
PostPosted: Tue Apr 27, 2004 5:32 pm Reply with quote
base_64 encode any perl or php file.
Here is a cool tool I ran accross while browsing the php manual comments.

This is of most interest if you are wanting to encode you config.php from prying eyes. In fact you could encode an entire script if you wanted. Requires Zlib on the webserver.

One online version and one for download.

http://richard.fairthorne.is-a-geek.com/utils_obfuscate.php?
 
View user's profile Send private message
sixonetonoffun
PostPosted: Tue Apr 27, 2004 5:35 pm Reply with quote
I should add the compression ain't shabby either one default config.php
before 4.02 KB
after 2.26 KB

Edit:
mainfile.php (I put a few extra lines in it).
before 42.8 KB
after 14.8 KB
 
Raven
Site Admin/Owner



Joined: Aug 27, 2002
Posts: 17088
PostPosted: Tue Apr 27, 2004 7:21 pm Reply with quote
Just imagine you've come home late or gotten up early and your brain hasn't kicked in yet. You decide to make a change in config. php. You open up your editor and you see the base64_encoded file. You breathe heavily. You then reach over and just unplug your computer, hoping that when you try it later it will be well. Laughing
 
View user's profile Send private message
darksied
Hangin' Around



Joined: Jan 27, 2004
Posts: 25
Location: New Jersey
PostPosted: Fri Jan 28, 2005 12:20 am Reply with quote
Ok does this mean that we can use this as a way to protect our config.php files or is it a bad thing i tried it and i can still use my site. i made a backup copy of course of the config.php i really wanted to move the config file but cant seem to find any about that but i did read something once about how to move it out side of the public_html folder

_________________
xXx Without C-H-A-O-S There Would Be No Order In Nature And No Peace In The Universe! xXx 
View user's profile Send private message Visit poster's website AIM Address
sixonetonoffun
PostPosted: Fri Jan 28, 2005 7:30 am Reply with quote
You can try moving it but once in a while there are problems with addons that look for it to grab the DB info ect...

encoding this way is reversable as pointed out in several other threads. But it does make it one more step

You can put it above the webroot someplace like
/usr/home/username/safe/config.ini
If your website is in /usr/home/username/public_html
Then in your webroot config.php put
<?php include("../safe/config.ini"); ?>

Really if the file is 0644 or 0600 it shouldn't be read unless there is some larger problem already.
 
darksied
PostPosted: Fri Jan 28, 2005 10:04 am Reply with quote
Tried moving it but got errors i will settle for 0600 and base 64 for now till you smarter people can come up with something else or better.
thanks for the help.
 
sixonetonoffun
PostPosted: Fri Jan 28, 2005 10:15 am Reply with quote
Like PHreekie said in another thread don't use the same usename and password for your DB as you do for your CPanel, FTP, Webmail ect... because somehow someday someone will see it especially on a shared server environment.
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> How To's


 Jump to:   




View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©