ITS Web Resources
Securing Your Web Database Application
On UNIX Web servers, each file carries a set of permissions with regard to three different categories of users:
- the individual owner of the file
- the server group that is designated as owning the file (e.g., usr or staff)
- all other authorized users of the server
You are responsible for securing your Web application not only from tampering by people who use it via the Web, but also from unauthorized access by your fellow account-holders on the Web server.
To protect your application from Web-based threats, you can use an .htaccess file and UVa NetBadge. To prevent tampering from other Web server users, you must carefully manage the permissions on your application files, as outlined below.
Restricting Access By the “Other” Group
When you create a Web database application, the two main components of the application are:
- Your MySQL database, which resides on a database server, such as dbm2.itc.virginia.edu.
- Your scripts that query the database, display the data to a Web browser, etc. These files reside on an appropriate Web server, such as people.virginia.edu. They may be written in any one of a number of languages, such as PHP, Java, or Perl.
In order for your scripts to query the database, they must supply the database connection information, which includes:
- the host name
- the username
- the password
For files that contain login credentials like these, as well as any other sensitive information, you should set the UNIX file permissions so that the information can't be read by unauthorized people from among the Web server account holders. You can do so by judiciously specifying the group ownership of the files (see below) and by removing read privileges from the server's “other” group using the UNIX chmod command.
To find out how to restrict permissions on your files while still allowing your Web scripts to read them, see our page on securing applications using suphp (for PHP developers) or securing applications using sucgi (for other CGI developers).
Controlling Group Ownership of Your Files
Once you have removed read permissions to sensitive files from the “other” group, you should specify the group ownership of the files so they are owned only by server users who have a legitimate need to access the application's internals. If such a group does not already exist on the server, you can use the MyGroups service to create one. Once you have created the new group, you can use the UNIX chown command to change group ownership of your files.
If you, as the application owner, are the only user who should be accessing your application files, you can use the chmod command to remove read and write permissions entirely from the owning group.