Page 1 of 1

Security concern

Posted: Thu Oct 30, 2014 9:52 pm
by Gyro123
Hi I noticed today that my host is having issue. I went to my website and noticed that the database could not connect and it showed database name and password in plain text! I also received an email from one of my customers and he copy and pasted the code with my password! Pretty scary how do I stop this from showing when my host is having issue?

Re: Security concern

Posted: Thu Oct 30, 2014 11:31 pm
by ogun
Can you post the error message you saw - or anything else that might help diagnose the problem?

Re: Security concern

Posted: Fri Oct 31, 2014 12:41 am
by cwswebdesign
Gyro123 wrote:Hi I noticed today that my host is having issue. I went to my website and noticed that the database could not connect and it showed database name and password in plain text! I also received an email from one of my customers and he copy and pasted the code with my password! Pretty scary how do I stop this from showing when my host is having issue?
This has nothing to do with me running a hosting company but I'd highly advise moving to a new host if your information is being exposed in that fashion.

DL

Re: Security concern

Posted: Fri Oct 31, 2014 1:29 am
by Gyro123
Please see attached error message... I blocked out the sensitive information

Re: Security concern

Posted: Fri Oct 31, 2014 1:34 am
by cwswebdesign
Gyro123 wrote:Please see attached error message... I blocked out the sensitive information
That's actually standard. I thought your username and password were both exposed.

It's one of 2 things:

1) Their sql server is crashing

2) Your database credentials are incorrect in one or both of the config files.

DL

Re: Security concern

Posted: Fri Oct 31, 2014 4:45 am
by Gyro123
So are you saying it's safe even if people could see my database password?

Re: Security concern

Posted: Fri Oct 31, 2014 7:50 am
by cwswebdesign
Gyro123 wrote:So are you saying it's safe even if people could see my database password?
Sorry I missed that part where you edited it out. NO it's not safe to show that info! The file path info is not a huge deal though.