Doug, No worries, thanks for the link. J --- Doug Thompson <dthompson@xxxxxxxxxxxxx> wrote: > Oops. For some reason my filter concluded your > email was spam and it modifies the subject line. I > missed cleaning the subject line on the first > reply. Here is is again in case others filter on > that keyword. I apologize for the double post and > possible confusion. > \Doug > > JeRRy wrote: > > > > Hi, > > > > I have a php, mysql security question. > > > > You know how there is a way to enable/disable hot > > linking to your images via CPanel to > allow/disallow > > people to link to your images from an external > site? > > Well is there a way to allow/disable external > sites > > connecting to a mysql via PHP? > > > > So is there a way to allow only localhost access > to > > the db's somehow? > > > > I wonder this to add extra security to my db's and > not > > only that to educate others on this list if it is > > possible or not. > > > > Thanks for your time. > > > > J > > Even if your db server doesn't sit behind a > firewall, you can always restrict what > userid/password/address combinations can gain access > to what DB / Tables / Columns and what functions > they can perform (select, insert, update, etc.) in > those areas using the MySQL administration features. > I have different PHPUsers for my scripts that have > varying levels of authorization to coincide with > what the scripts need to do -- Select (read only), > Update (can only revise existing records), Insert > (can add new new records), etc. All the db_connect > scripts are well_outside the public areas to > minimize opportunities to compromise the userid/pw. > > Start here: > http://www.mysql.com/doc/en/Security.html > > All of which forces the conclusion that this isn't a > PHP issue at all. > > > DT > Find local movie times and trailers on Yahoo! Movies. http://au.movies.yahoo.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
