When would you use OR for what reasons would you use mysqli with ssl?
I currently have a website setup for use with SSL, so is having SSL not enough to protect user data?
I currently use mysql and will soon be converting my code for use with mysqli, but I am confused on what advantage using mysqli with ssl_set function gives me if I am already using SSL? In my case, would this even be necessary?
Thanks!
分享 SSL is required for getting data from point A to B securely so it can't be viewed by an attacker on insecure networks.
MySQL has support for SSL for the actual connection to the database.
When you visit your bank online, you sure want that data over SSL so it can't be seen while going over networks you don't control/trust.
If your database connections are also going over networks you don't control/trust you want to use SSL.
That being said, it is rare to find a hosting company that supports SSL MySQL connections and generally the weak link is going to be your web application that if hacked has a direct route to the DB and the credentials available in config files.
If you are doing anything with sensitive enough information you will have to find a competent managed provider or build out your own infrastructure to ensure security.
分享
