I have a php application that connects to the database from the code. I am wandering what would be some secure ways of storing these credentials? This is a linux server.

EDIT: I just want to hear some informed opinions to get an informed opinion myslef to discuss it with my team. I am against encrypting any passwords, but my team is unconvinced.

I think that if passwords get encrypted, then we would need to store the decryption keys somewhere in plain text as well, thus making the whole gig pointless.

There is no "secure manner". One way or another, the password will have to be decrypted/unobfuscated so it can be sent to the DB library to establish the connection.

At best, store the login info in a file OUTSIDE of your site's document root. This isn't a cure-all, but at least if your server's config becomes broken and starts serving up php source instead of executing, it won't let your credentials leak out, because the file won't be directly accessible.

At least put it inside a config file which is not accessible directly via the webserver.

This way somebody has to break into you machine before being able to read it.

Apply defense in depth and allow the dedicated MySQL user to connect from localhost only. Then even if the connection credentials get leaked somehow, the only way to connect to the database is via the web server.

With this an attacker would need to have access to the web server and to have the ability to execute arbitrary code/commands. And if that is possible compromised, it’s already too late.

agree with others u need to disclose it some point...

but u could use crypt function of php http://docs.php.net/manual/en/function.crypt.php

first encrpyt a password using this function or some other function, after encrption set the encrpted password as your database password... [Note - i dont know if mysql will allow you to store the value returned by crpt to set as password] While connecting to db frm php pass the original password to crpyt function [or the function/method used to encrpt above] store that in a variable and mention this var while connecting

$encrpted_pass = crypt($original_password);
$con = mysql_connect("localhost","mysql_user",$encrpted_pass);

Disadvantages if your connecting to MySQL directly you will be having a hard time in remembering the password To resolve that you can create a seperate DB user when you want to connect directly..

2) the other method would be to store the password in a seperate file, retrieve the contents of the file, store it in a var and later use that var to connect to MySQL DB, by this way u will not be disclosing the password being used in the file used to connect to DB

$pass=file_get_contents("mysql.txt");
$con = mysql_connect("localhost","mysql_user",$pass);