I'm writing some PHP that will end up on a shared webhost. Naturally, I don't want my database passwords to be readable by anyone with a shell account on this server.
I've been googling and came across the practice of storing sensitive information in .htaccess files, and making them readable only by me/root. The idea is that, when apache2 is started as root, it can read the .htaccess file. Then, when it is running normally as nobody, it can no longer access the .htaccess file, nor can anyone else with a shell account on the server (or some exploit of my PHP).
I can successfully set environment variables in .htaccess files using SetEnv, and access them in PHP in the $_SERVER array, but only when the .htaccess files are world readable. Making them readable only by me or by root returns a 403 Forbidden error when I try to go to the index of my site.
My apache2 error log has the following error:
"Permission denied: /var/www/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable"
Am I misinformed? Does apache not start as root? If so, what alternative solutions are there for protecting plaintext database credentials?
Bookmarks