View ProjeQtOr On SourceForge.net
ProjeQtOr - Project Management Tool
Support us on Capterra
OIN - Open Invention Network
ProjeQtOr free project management software - Changing the root password for mysql db to provide a more secure environment - ProjeQtOr
 

Changing the root password for mysql db to provide a more secure environment

More
28 Jul 2023 15:11 #1 by CatalystDROID
Changing the root password for mysql db to provide a more secure environment was created by CatalystDROID
I want to provide more security here. 

What is the recommended process for changing the root password for the mysql db?

Can I simply use an ALTER from the mysql cli ?

Like:  ALTER USER 'root'@'localhost' IDENTIFIED BY 'PASSWORD_HERE';)

Also, does the password need to be stored in plain text in the parameters.php file used by Projeqtor and the config.inc.php file used by phpmyadmin ?

Please Log in or Create an account to join the conversation.

More
28 Jul 2023 15:17 #2 by babynus
Replied by babynus on topic Changing the root password for mysql db to provide a more secure environment
Changing root password is not a subjet linked to projeqtor.
You do as you want.

Yes, password needd to be stored in plain text in the parameters.php.
It could be encrypted, but decryption method will be stored in projeqtor code, which is opensource, so will be very easy to read for any hacker.
Best solution is to move parameters.php out of web reach to limit hacking possibilities and secure access to your server.
Note that config.inc.php is part of phpMyAdmin, that has nothing to do with projeqtor, but faced same problem and found same solution (except that it does not propose to move config.inc.php out of web reach).
Babynus
Administrator of ProjeQtOr web site

Please Log in or Create an account to join the conversation.

More
28 Jul 2023 15:29 #3 by CatalystDROID
Replied by CatalystDROID on topic Changing the root password for mysql db to provide a more secure environment
Is there a recommended way to go about encrypting it ?

Do you have a decryption method we can use ?

Any examples available?

Where would the decryption method live?

On the Projeqtor side, you mention relocating the paramaters.php file as the best way.
Can you elaborate a bit more on this, maybe provide an example

Thanks again.

Please Log in or Create an account to join the conversation.

More
28 Jul 2023 15:34 #4 by Plucks
Replied by Plucks on topic Changing the root password for mysql db to provide a more secure environment
Hello,
Please have a look at my answer here : www.projeqtor.org/en/forum/5-ask-questio...ith-phpmyadmin#35676

Please Log in or Create an account to join the conversation.

More
28 Jul 2023 15:40 #5 by babynus
Replied by babynus on topic Changing the root password for mysql db to provide a more secure environment
You won't be able to encrypte DB password as a plugin.
You'll have to change core code, so your changes will be lost each time you migrate to new community version
Babynus
Administrator of ProjeQtOr web site

Please Log in or Create an account to join the conversation.

More
01 Aug 2023 15:37 #6 by CatalystDROID
Replied by CatalystDROID on topic Changing the root password for mysql db to provide a more secure environment
Ok. Understood.

Please Log in or Create an account to join the conversation.

Moderators: babynusprotion
Time to create page: 0.124 seconds

Cookies settings

×

Functional Cookies

Ce site utilise des cookies pour assurer son bon fonctionnement et ne peuvent pas être désactivés de nos systèmes. Nous ne les utilisons pas à des fins publicitaires. Si ces cookies sont bloqués, certaines parties du site ne pourront pas fonctionner.

Session

Please login to see yours activities!

Other cookies

Ce site web utilise un certain nombre de cookies pour gérer, par exemple, les sessions utilisateurs.

Login Form