Opened 2 years ago

Closed 2 years ago

Last modified 2 years ago

#2870 closed New feature (fixed)

Add plugin hook to set/modify database connection info

Reported by: jokergermany.de.vu Owned by:
Priority: normal Milestone: 1.7 Piwik 1.7
Component: Core Keywords:
Cc: Sensitive: no

Description

You can find the datebase password in the config.ini.php.

Can you pls let piwik encrypt this password?

Thanks =)

Attachments (1)

2870.patch (1.6 KB) - added by vipsoft 2 years ago.
patch to use environment variables

Download all attachments as: .zip

Change History (10)

comment:1 Changed 2 years ago by vipsoft (robocoder)

  • Milestone set to 1.7 Piwik 1.7

we don't encrypt because MySQL requires a plaintext password for the connection. The file is protected by .htaccess and .php extension, so it can't be displayed by direct access or local file inclusion.

To decrypt on every php request would add some performance overhead. Also, the question then becomes where to securely store the decryption key?

We could also try allowing the connection info to be set via environment variables (eg in your virtualhost.config), but the password is still physically stored somewhere.

comment:2 Changed 2 years ago by vipsoft (robocoder)

  • Resolution set to answered
  • Status changed from new to closed

Changed 2 years ago by vipsoft (robocoder)

patch to use environment variables

comment:3 Changed 2 years ago by vipsoft (robocoder)

  • Keywords interesting added

comment:4 Changed 2 years ago by vipsoft (robocoder)

  • Summary changed from Encrypt the database password pls. to Get database connection info from environment variables

comment:5 Changed 2 years ago by vipsoft (robocoder)

(In [5681]) refs #2870 - add a hook for plugins (or third party integration) to set database config before connection is made

comment:6 Changed 2 years ago by vipsoft (robocoder)

  • Keywords interesting removed

see #2874

comment:7 Changed 2 years ago by vipsoft (robocoder)

  • Resolution answered deleted
  • Status changed from closed to reopened

comment:8 Changed 2 years ago by vipsoft (robocoder)

  • Priority changed from critical to normal
  • Resolution set to fixed
  • Status changed from reopened to closed
  • Summary changed from Get database connection info from environment variables to Add plugin hook to set/modify database connection info
  • Type changed from Bug to New feature
Note: See TracTickets for help on using tickets.