0

I tried to find this information but was not able to.

How is working the connection from PHP to MySQL server. As the password is sored plain, is it also sent plain to MySQL if it is stored on a different server? Is there any way for a "man-in-the-middle" to intercept the password?

Thanks in advance,
Sébastien

Sébastien
  • 103
  • 1
  • 1
    afaik, by default the connection is not encrypted and the password could be intercepted. you need to enable ssl connections, see http://php.net/manual/en/mysqli.ssl-set.php – Gryphius Apr 04 '13 at 09:35
  • Thanks! Is it only the connection which is encrypted or all the transactions? In this case this must pretty much slow down the transactions, right? – Sébastien Apr 04 '13 at 09:51
  • 1
    Do https websites work more slowly for you? It's a trade off, 10% slower for 100% more secure (your numbers may vary).. is it worth it for you? – NickW Apr 04 '13 at 10:00
  • OK, I may have misspoken. When I said "this must pretty much slow down the transactions" I meant in comparison of a single server with PHP/MySQL. – Sébastien Apr 04 '13 at 10:38

1 Answers1

2

AFAIK, you are correct that the connection between PHP and MySQL is NOT encrypted and presents a security risk particularly if the web server and MySQL server are different servers.

In the past, I had a setup with one central MySQL server and several web servers using PHP and other languages to talk to the MySQL database. I secured it using SSH tunnels between the servers that remained active at all times. On the web server, I used all the same commands to talk to MySQL (PHP and the mysql command line client) and just specified a port of 3307 instead of the default 3306. Port 3307 was forwarded through an SSH tunnel to the MySQL server's port 3306.

This setup also included a backup MySQL server, which did MySQL replication between the two MySQL servers (different machines) using a SSH tunnel.

While I didn't do any extensive testing on this setup, it seemed to work well with no noticeable degradation in performance. On a few rare occasions, the SSH tunnel would drop and I would manually have to reconnect it, but this was very rare.

My documentation for setting up the SSH tunnels is on GitHub.

PaulR
  • 331
  • 3
  • 8
  • 1
    This is correct. The wire protocol for MySQL is anything but secure... that isn't the intent of the protocol. You can see this by firing up Wireshark and running some queries. A tunnel is needed here. What I do on my own boxes is simply hook them up via a VPN. While this isn't the most efficient setup, it works well for links that don't require a ton of bandwidth or low latency, while enabling me to connect a bunch of cheap VPSes on various providers. – Brad May 07 '14 at 13:42