For configuring a server application, see the examples provided below.įor WordPress applications, it is sufficient to add one line to the file wp-config.php: define( 'MYSQL_CLIENT_FLAGS', MYSQLI_CLIENT_SSL ) Using TLS in client applicationsįor desktop clients, you only need to mark the right checkbox when configuring the connection. It is therefore also worth updating these whenever possible. However, we would like to point out that this could create issues for older applications and database clients. It is important to know that using encrypted connections is possible starting from version 1.2 of the TLS protocol. This must also be configured in the My Zone management interface under the settings for a specific database user. In the case of external connections, it is also important to ensure that connection paths are restricted to whitelisted IP addresses. If TLS connections are not used in such situations, it is safe to say that all personal data associated with the orders have in principle already passed through the hands of third parties. As working remotely is very common today, the developer could well check the database, sitting in a café and using its public WiFi. To do this, you must open the database user management and set the “ Require TLS connection from user” value.īut why is it needed anyway? Sometimes, when performing its tasks the software needs to ask the developer some questions like “Please check what is happening with this order in the database?”. To prevent this, we have now introduced the possibility to specify that a database user can only access the database over TLS connections. Of course, there may be situations where the administrator has no control over this. In such cases, particular care must be taken when access has been granted to a user connecting to the database via a desktop application, for example, Sequel Pro that is very commonly used by developers, or the less well-known Beekeeper Studio – when such applications are used, one should always ensure in advance that the connection is encrypted using the TLS protocol. However, such external connections may still involve situations where such one-time setup will not guarantee a secure connection. In such a situation, it may be sufficient if the application administrator knows that an SSL connection must be configured beforehand. For example, when an external service located in the cloud of another service provider has been connected to the SQL server. Why do I need encrypted SQL connections?Īs a rule, secure TLS connections must be used for external connections, especially when the application is located outside the Zone system. For this reason, using encrypted connections can now be made mandatory for the users in Zone. As databases tend to contain information that must not leak and also includes sensitive personal data, special attention must be paid to the security of handling these data. If, however, the user wants to establish a connection to the SQL database from outside, we recommend enabling the TLS protocol, that encrypts all data traffic between the client application and the database server.Īt Zone, the customers have for some time had the possibility to configure their applications to use secure TLS connections. When using the default configuration, Zone also uses its internal network between the database and the web server to transfer data – so your data cannot “escape” in any way. This ensures that data are not transferred over external networks. As you know, the users of SQL databases are only allowed to establish local connections by default.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |