Hi folks.
I'm developing a MySQL database driven, PHP web application that will be used by the general public and I'm starting to get a bit paranoid about database security.

While creating the site I was using a single, full privileges database user to connect on each page that required it. I'm now thinking it would be safer to use different database users, with different privileges, for each separate page of the site. For example: On the login page, I create a database user that can only SELECT data from the MEMBERS table.
The idea being that if someone manages to discover the username and password of the DB connection on the login page, and somehow managed to run a query with it, they can't do much harm as they can only SELECT a limited amount of data.

Do you think this is a good idea and if so, how far should I take it? Would a single user with privileges to perform all the required tasks on entire site be okay or should I have a different user on each page?

Any thoughts or suggestions would be gratefully received.

4 Years
Discussion Span
Last Post by Zagga

The only way to get to your usernames is when your webserver has been cracked already (unless you've been sloppy). So even if you use more accounts, they can get to it anyway at that point. IMO use only select/view/stored proc priviliges with heavy logging and no physical deletes.


I thought I was probably looking at it the wrong way. Best I start learning about stored procedures.
Thanks pritaeas, for putting my mind at ease :)

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.