Reputation: 326
How to securely store sensitive data on a shared-hosting provider while accessible to server-side scripts?
I want to store some sensitive data on my hosting provider which is a shared-hosting, lets say for example on MySQL, and i want it to be accessible to the website(server-side languages like PHP) hosted on same provider, how do i do that?
you see i can't use digest algorithms(MD5, SHA1, etc) beacause i want to restore data back to use them in code,
and
I can't use something like Public-Private Key because i have to store both keys on server, so it would be shared with hosting provider.
any ideas?
Upvotes: 0
Views: 567
Answers (1)
Reputation: 443
No matter what you do I think you have to trust the hosting provider in this instance. You can't hide the information since, as you say your self, you must store the secret key ,unencrypted, on their server(s).
This is the reason for never storing sensitive data on someone else equipment if you don't trust them completely (and you should never do that). Just the fact that you consider doing this makes me think the data ain't really that sensitive at all (and in that case the entire discussion is pointless).
TL;DR Don't share your secrets with other people, try to host your own sensitive data instead, if it really is that sensitive.
Upvotes: 3
Related Questions
- How to store sensitive information on a hosting provider's servers?
- encryption or Cryptography for store sensitive data
- Mysql encryption / storing sensitive data,
- How can I store sensitive data securely in a MySQL database?
- Store 'sensitive' data in MySQL DB
- Secure way to store data in database
- How can I secure my database credentials when using shared hosting and no access to outside the webroot?
- What are best practices storing confidential data encrypted in 3-rd-party-hosted MySQL servers?
- Database encryption - php/mysql
- Securely storing user credentials in DB, for PHP web application