Support » Fixing WordPress » How do I protect MySQL Login credentials?

  • Hi

    I am trying to figure out a way to protect the MySql login credentials in the wp-config.php file from prying eyes. It is protected via the .htaccess file from being read via browsing http://site/wordpress/wp-config.php, but I am concerned with the other users of my ISP being able to read it when they are logged in to a shell server. If I set mode 600 on wp-config.pgp then Apache ( which is running non-privileged) can’t read it. The ISP ( recommends placing sensitive files such as those containing login credentials in another directory, removing world read access and accessing them via php in cgi mode.

    I’m not sure if I should try to wrap the entire /wordpress directory or if I should try to separate all or part of wp-config.php and wrap it separately. There seems to be quite a few other files that call wp-config.php that I would need to change to the new path if I move it so that doesn’t seem like a good idea for a number of reasons.

    If anyone who has set WordPress up to mitigate this vulnerability can clue me in, I’d mightily appreciate it.



Viewing 15 replies - 1 through 15 (of 23 total)
  • Yeah. I saw that.

    It doesn’t address the problem of other users at the same ISP being able to read/copy files from the directory unless they are mode 600…

    It also doesn’t say how to start WP *with* the credential file protected.

    The web server needs to be able to read it.

    Thanks, though.


    On a shared host, you cannot prevent other users of that host from accessing your wp-config.php file.

    You could assign ownership of the file to the user used by the Apache process (www-data, or nobody, most likely), and then assign read permission to that user only, and no access to everyone else. That will prevent people with shell access from reading your file.

    But if they know the full path to your wp-config.php file, they could easily write a script in their own webspace to grab your file and display it to them.

    Assigning ownership to the webserver is not a bad idea.

    I’m also going to try and install it in a wrapper as Sonic suggests. Supposedly that will protect against snagging it via a script.

    It amazes me that nobody has come up with an effective remediation strategy for this vulnerability.

    In my case, I am not dealing with any data that is particularly valuable or sensitive. If I was, I’d be quite disturbed at the potential for compromise.



    i thought those hosting providers have some sort of protection for cases like this in a shared what will i ask my provider what to do or i do?

    The options available to hosting providers are many, and it would be impossible for us to keep track of which hosts do what.

    Contact your hosting provider and ask them for assistance in this. Feel free to share it here, so that others can search for the information. Also post the information to your blog, so that the search engines pick up your answer.

    my host just told me that i should not worry because no one can access any single file of mine without my password. though do you think that just because my account is a reseller account make it safe and thats why he answered that way? or his trying to look as if theres no problem?

    Who knows.

    If you know another user on your server, you could (with their permission of course) try to write a script that loads a file from within that user’s web space. If it works, then you can go back to your host. If it does not work, then chances are your host knows what they’re doing.

    are you willing to experiment it with me?

    hey..this is off topic..i noticed the reply was posted without refreshing..where can i get such plug in>? yes i know theres one but that plug in don’t work nicely as what happened here.

    No mind readers here.

    If the concern is over who may or may not have access to your files through the shell, then the best solution is to find a host which does not allow users shell access. However if you require shell access, then you’ll have to live with a certain amount of uncertainty in the area of security over your files. A host can take all the measures that are out there to insure others cannot access them, but keep in mind many security measures were developed because someone found a way around other security measures.

    As has been said before, the securest data is the data that doesn’t exist.

    I can’t help you experiment, because I don’t use your hosting provider. You’ll literally need to find another user of your hosting provider who is using the same server as you.

    oh.ok..i can take that argument kafka and thanks.

    I have a personal account with the same ISP that is different than the one that hosts the website, so I can easily check…



    Going back to the OP for a sec…. would it be possible to take the contents of wp-config.php and put them into another file, in a “more secure” (theoreticaly) location, then change wp-config.php to simply do an include on the new file? Then you wouldn’t have to change any file that calls wp-config…. since it would still exist.

    Or does that just sound like a crazy idea?


Viewing 15 replies - 1 through 15 (of 23 total)
  • The topic ‘How do I protect MySQL Login credentials?’ is closed to new replies.