1

I have some php scripts that use mysqli() to connect to MySQL which is located on the same server. I currently have the connection stored outside of my sites root and I am using include() to make the connection.

For remoteMySQL servers it is recommended to use an ssh connection. For my environment, should I take any other measures to secure my connection?

Also is it more of a concern that mysql is on the same server?

Lastly I am guessing I would want to prevent any errors resulting from the connection being displayed as they would give connection information.

EDIT

Im also curious as to if/when I would want to close() these connections. I am guessing I would want to close them but only after I am done accessing the database on a particular page.

EDIT 2

Still looking for the above information as of 12.11.2019

Improve this question
1
  • Most of the time remote connections are not allowed or at least VERY highly discouraged. Using ssh would be considered a minimum requirement if you do need to allow remote connections. You don't need to explicitly close connections. That is done when the PHP script is finished. Use try/catch for the connection to make sure no connection information gets "leaked". Also set your logging to always go to the PHP error log instead of having it displayed.
    – Dave
    CommentedApr 13, 2020 at 13:28

0

Reset to default

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.