...i guess this was a either a stupid question, or it is not easy to delete/alter those files.

I tried ftp and browser to find these files, ..didn't succeed, So i think i can proceed with this setup, and dont have less security than with mysql?

(?)

not a stupid question

I don't really see anything wrong with the setup. Though do you really need 777?

hi, and thanx for your reply :)

i can not alter r/w/e rights myself on my webspace, i was assuming i would need the "777" , but after trying the obvious options to atleast download/read the "txt" files, it became clear my Host was smart enough to give the directories the propper rights (i can not see them, i think its 666 now?)

i ame using un-ecnrypted .txt databases for many purposes, but i always wonder how safe this is, (*ie compared to mysql)?

If someone can FTP into your site, presumably they can access all your PHP files, correct? If so, they can look through your code and find the "secret" directory, as well as your encryption algorithm. Even if they can't access that directory through FTP, they could always FTP a new PHP file that they could run to access that directory and grab all the files in there. Then they can decrypt the files at their leisure.

Even low-budget sites can afford the price of mySQL!

By the way, "low budget" just screams "Visa/MasterCard CISP violations."

if someone can FTP in to your site, you have a problem anyway
and I dont see anything wrong with his setup, suppose someone did aquire all his PHP files?
who cares?
if anything, this is most likely even safer
most websites have a simple include with the mysql db connection parameters in it so you can change them easily
if the password is known to the hacker, its easy fetching data from the DB
in this setup that wont be the case, as all data is encrypted anyway and user data is SHA1 encrypted, good luck trying to crack that

for a moment i was affraid "experienced" users would be able to ftp into the given "txt" directory, since it must have read/write right's

But now "Dmmh", i think u scared loads of people here, since like many others i also use a include file to connect to my mysql-db'z.
I assume u ment that when somebody has ftp-access, it is "easy" to "hack" the db?

thanx for the reply's :)

in this setup that wont be the case, as all data is encrypted anyway and user data is SHA1 encrypted, good luck trying to crack that

Well, isn't the decrypt key going to be in the PHP code somewhere? If so, it's a simple matter to access the file with FTP, scan through files to get the decrypt code, then decrypt the DB- no cracking involved. If not, then exactly WHERE is the decrypt key? Are you going to make the user enter it every time?

It doesn't matter if you use an include to a non-FTP accessible folder. If you have FTP access, you can always upload a file to run to give you exactly what you need.

if we always worry about someone ftp'ing into a site then we would never put up sites

dmmh has it right, worry more about cross includes on shared hosts than someone gaining ftp

you have stuff encrypted, you seem to have taken "reasonable means" to protect your data, as long as you only store data you truly need to store then you are on the right track.

just remember that nothing is ever 100% secure and always monitor your site.

"cross includes on shared hosts"

what do you mean by "shared hosts"?

I should have said on bad shared hosts

if there are many sites on the same box and someone happens to know a filename and your host hasn't protected against it there is a possibility of including files that do not belong to you.

"someone happens to know a filename"

i've noticed some sites show only their domain, regardless how many links you click.
can this be scripted? (besides using the index only?), or is it a server-setting?

I wouldn't suggest that as a method of protection. More than likely it is just a 100% frame.

at any rate it is a bad idea.

As I said before you are alright, your is ok. There are a million ways someone can get at your site but most of them are unlikely. Security is about making things difficult for the jokers that try automated hacks and to protect against things like XSS and SQL injection. We trust our host to protect the server itself and then we hope they have good monitoring. We also monitor our own systems and investigate anything that seems strange.

There is no 100% way to protect anything. The key is to watch and take the "necessary means" to protect ourselves.

you could drive yourself crazy trying to make a perfectly secure script/site

because there is no such thing

Jatar_K , thanx for all your usefull information, ive read many great replys in various threads, nice work!

thanx!

Well, isn't the decrypt key going to be in the PHP code somewhere? If so, it's a simple matter to access the file with FTP, scan through files to get the decrypt code, then decrypt the DB- no cracking involved. If not, then exactly WHERE is the decrypt key? Are you going to make the user enter it every time?

SHA1 is not decryptable, you can only check if 2 values match, but you can not decode the stored SHA1 encrypted data, so there wont be a script with a decryption key ;)
the other encrypted data could be decrypted in this very situation, but that's trivial

It doesn't matter if you use an include to a non-FTP accessible folder. If you have FTP access, you can always upload a file to run to give you exactly what you need.

exactly what I meant
if someone gains FTP access you're basically #*$!ed, either way, no matter how hard you try to prevent it

he is encrypting his user-login data with SHA1, which is pretty damn secure and the most important data to secure. The rest is basically trivial

because there is no such thing

and the biggest error one can do as a webmaster is to claim, on the website in question, that it is un-hackable :D