Web Hosting Talk : Web Hosting Main Forums : Programming Discussion : Is MySQL secure enough to protect datas?

[ghost]

Hi,

I am developing an e-commerce and e-trade portal, I am using for this PHP and of course most popular database MySQL. But sometimes I hear MySQL is not secure to protect important datas (such as CC infos, customers important infos). Is MySQL not enough secure to use with that kind of project? What is your opinion about that? I see lots of e-commerce and e-trade sites uses PHP, what do you think which database they use?

Cem

[mind21_98]

First off, I wouldn't store credit card information on a public server, regardless of database program. I'd PGP encrypt it and ship it off to another system behind a firewall, or better yet, not connected to any kind of network. But if you want to anyway, make sure your password's strong and MySQL can't be accessed from anywhere but the local host. If you're really paranoid, you can actually encrypt the data in the table, but it makes things more difficult to code.

[ghost]

Can you say MySQL is enough secure for storing importing datas (except CC infos)?

[mind21_98]

Quote:

Originally posted by ghost
Can you say MySQL is enough secure for storing importing datas (except CC infos)?

It's more a matter of system security than MySQL security. Even if you were to use PostgreSQL or even Oragle, you could still get to the important data if you tried hard enough.