View ProjeQtOr On SourceForge.net
ProjeQtOr - Project Management Tool
Supportez nous sur Capterra
OIN - Open Invention Network
ProjeQtOr free project management software - Changing the root password for mysql db to provide a more secure environment - ProjeQtOr

Prochaines Sessions

Les prochaines formations et démonstrations sont ouvertes, inscrivez-vous rapidement !

 

Démonstration de ProjeQtOr

(gratuit, sur inscription)
 

13 mai 2025 (10h30-12h)

5 juin 2025 (16h-17h30)

  
 

Planifiez avec ProjeQtOr

14 et 15 mai 2025 (9h-12h30)

18 et 19 juin 2025 (9h-12h30)

  
 

Administrez avec ProjeQtOr

20 et 21 mai (9h-12h30)

25 et 26 juin (9h-12h30)

  

 

 

Changing the root password for mysql db to provide a more secure environment

More
28 Juil 2023 15:11 #1 by CatalystDROID
Changing the root password for mysql db to provide a more secure environment was created by CatalystDROID
I want to provide more security here. 

What is the recommended process for changing the root password for the mysql db?

Can I simply use an ALTER from the mysql cli ?

Like:  ALTER USER 'root'@'localhost' IDENTIFIED BY 'PASSWORD_HERE';)

Also, does the password need to be stored in plain text in the parameters.php file used by Projeqtor and the config.inc.php file used by phpmyadmin ?

Please Connexion or Create an account to join the conversation.

More
28 Juil 2023 15:17 #2 by babynus
Replied by babynus on topic Changing the root password for mysql db to provide a more secure environment
Changing root password is not a subjet linked to projeqtor.
You do as you want.

Yes, password needd to be stored in plain text in the parameters.php.
It could be encrypted, but decryption method will be stored in projeqtor code, which is opensource, so will be very easy to read for any hacker.
Best solution is to move parameters.php out of web reach to limit hacking possibilities and secure access to your server.
Note that config.inc.php is part of phpMyAdmin, that has nothing to do with projeqtor, but faced same problem and found same solution (except that it does not propose to move config.inc.php out of web reach).
Babynus
Administrator of ProjeQtOr web site

Please Connexion or Create an account to join the conversation.

More
28 Juil 2023 15:29 #3 by CatalystDROID
Replied by CatalystDROID on topic Changing the root password for mysql db to provide a more secure environment
Is there a recommended way to go about encrypting it ?

Do you have a decryption method we can use ?

Any examples available?

Where would the decryption method live?

On the Projeqtor side, you mention relocating the paramaters.php file as the best way.
Can you elaborate a bit more on this, maybe provide an example

Thanks again.

Please Connexion or Create an account to join the conversation.

More
28 Juil 2023 15:34 #4 by Plucks
Replied by Plucks on topic Changing the root password for mysql db to provide a more secure environment
Hello,
Please have a look at my answer here : www.projeqtor.org/en/forum/5-ask-questio...ith-phpmyadmin#35676

Please Connexion or Create an account to join the conversation.

More
28 Juil 2023 15:40 #5 by babynus
Replied by babynus on topic Changing the root password for mysql db to provide a more secure environment
You won't be able to encrypte DB password as a plugin.
You'll have to change core code, so your changes will be lost each time you migrate to new community version
Babynus
Administrator of ProjeQtOr web site

Please Connexion or Create an account to join the conversation.

More
01 Aoû 2023 15:37 #6 by CatalystDROID
Replied by CatalystDROID on topic Changing the root password for mysql db to provide a more secure environment
Ok. Understood.

Please Connexion or Create an account to join the conversation.

Moderators: babynusprotion
Time to create page: 0.216 seconds

Paramétrages de cookies

×

Cookies fonctionnels

Ce site utilise des cookies pour assurer son bon fonctionnement et ne peuvent pas être désactivés de nos systèmes. Nous ne les utilisons pas à des fins publicitaires. Si ces cookies sont bloqués, certaines parties du site ne pourront pas fonctionner.

Session

Veuillez vous connecter pour voir vos activités!

Autres cookies

Ce site web utilise un certain nombre de cookies pour gérer, par exemple, les sessions utilisateurs.

Login Form