By CK on Monday, 23 June 2014
Posted in Technical Issues
Replies 26
Likes 0
Views 1K
Votes 0
With the recent news (almost monthly) of sites getting hacked and user data compromised, I was wondering if there is a way to encrypt the DB (or at least some of the tables such as the ones that store user information), so in the event the site is hacked it will be harder to extract the info from the table.

What are your thoughts,
Chaim

PS. I do realize that there might be a slight hit on DB performance, however I do believe it is worth the tradeoff.
I think it's a matter of how you maintain the site, and I don't think the database is the part that you need to worry about, but rather the scripts that you run on your site. I always keep to the rule of thumb that unnecessary plugins / modules / extensions are not installed.
Monday, 23 June 2014 13:09
Hi Mark,

I wanted to revisit this topic after the Sony hack and all the news that it is generating (see your own post and Joomlart's post. Although JA was not running Joomla, I'm using it to highlight the damage that was done by not encrypting their DB).

While your reply is true, we as site owners must do everything that we can to protect our users' data. Is there any way that a site owner can encrypt their DB (or at least some portions of it)? This would help ensure that if the server was hacked, it will be a lot harder to make off with the data.
CK
Wednesday, 17 December 2014 09:09
Subscribed. Indeed, security in this day and age is becoming more important when it comes to data.
Wednesday, 17 December 2014 09:33
Hello Chaim,

Here's the problem with "open source": there is no way to encrypt the data unless you hash it one way. But there's no way to reverse it. If we apply our own algorithms to encrypt the data in the database, it's pretty useless because if the hacker has access to your files, they would be able to see the algorithm and be smart enough to decrypt the data again.

All in all, I think it's pretty pointless to encrypt anything unless the source is not open.
Wednesday, 17 December 2014 18:18
Mark,

While I understand what you are saying, why not adopt the solution that Joomla uses to store its passwords; isn't something better than nothing?

Another angle: is it possible to encrypt the DB not from Joomla but rather from MySQL?

Have a great weekend,
Chaim
CK
Friday, 19 December 2014 07:12
Hello Chaim,

We don't store any passwords in EasySocial, so I don't see a need for a 1 way hashing algorithm like Joomla's.
Friday, 19 December 2014 15:12
Mark, what about private details such as user profile information; is there any way to protect that?
CK
Friday, 19 December 2014 21:24
Hello Chaim,

Please look at my response above, http://stackideas.com/forums/encrypting-the-db#reply-181970 .
Friday, 19 December 2014 23:49
How are the passwords stored, Mark, after users register through EasySocial? Are salted and iterated MD5 hashes used for the passwords? Let's say the DB is compromised; is it safe to say that at least the passwords can't be easily decrypted? Since the JA news, I also heard phpBB servers were compromised, the ARS server was compromised and even ICANN! All are big sites and all happened last week! Don't know when my small-time site will be hacked..
Sunday, 21 December 2014 01:41
When a user registers on your site, the passwords are stored in Joomla's user table. We do not store them. They are stored using a single hash algorithm, so there's no way to recover the password. That is why when you recover passwords in Joomla, there is no way to get your old passwords.
Sunday, 21 December 2014 03:29
Thank you, Mark. I guess the only thing we can do is secure the server, secure Joomla, have a strong admin password and pray we don't get hacked. What a terrible world we live in.
Sunday, 21 December 2014 14:10
Yes, that is the only way to secure your site. If you leave your house with tons of different locks but leave the keys with a stranger, anyone could break in as well.
Sunday, 21 December 2014 16:25
Hi Mark,

While what Neel is saying is correct, I think the point of my question has been missed.

The only reason that I mentioned the Joomla password concept was to give some ideas of how one can encrypt their DB. With that being said, does anyone have any ideas how one can encrypt their DB? I truly believe that it is the duty and obligation of a site owner/admin to protect their users' data!

Wishing you all Happy Holidays,
Chaim
CK
Friday, 26 December 2014 08:42
Here's an interesting post regarding MySQL encryption.

You'll want to use AES with 256bit keys, as that is the prevailing best-practice/standard right now. 256bit AES keys are considered to be of sufficient size to be secure against modern computing power.
(Source)
Friday, 26 December 2014 09:37
Hello Chaim,

Yes, but it's a 1 way hash algorithm for passwords and you cannot revert it back to the original password. You guys need to understand that if the hacker has access to your files and figure out the algorithm being used, there's always a way for them to de-crypt the data again.
Friday, 26 December 2014 12:31
Right, which is a serious possibility. I'm curious however if it's possible that a hacker could access the user data without getting access to the server files (or at least the encryption algorithm files). In the scenario mentioned, the hacker would not be able to decrypt it. But perhaps in data security breaches it's common for them to be granted access to the server files too? Or is it just a possibility? Pardon my ignorance on this subject.
Friday, 26 December 2014 13:47
Hello Josh,

Yep, if the hacker doesn't have the source files, it would be more difficult for hackers to decrypt the data.
Saturday, 27 December 2014 14:55
Mark wrote:

Yep, if the hacker doesn't have the source files, it would be more difficult for hackers to be able to decrypt the data

Mark wrote:

Hello Chaim,

Yes, but it's a 1 way hash algorithm for passwords and you cannot revert it back to the original password. You guys need to understand that if the hacker has access to your files and figure out the algorithm being used, there's always a way for them to de-crypt the data again.

Mark wrote:

When a user registers on your site, the passwords are stored on Joomla's user table. We do not store them. They are stored in a single hash algorithm so there's no way to recover the password. That is why when you recover passwords in Joomla, there is no way to get your old passwords

Mark,

If I understand what you are saying correctly, you're basically saying that there is no point in securing any information because if one was hacked the hackers can easily defeat the encryption being used; if that is the case, is Joomla providing a false sense of security by encrypting the users' passwords? If yes, why bother; if not, why can't a similar method be implemented to protect the users' data?

Sorry for being a pain, I really don't understand the point that you are trying to drive home.
CK
Monday, 05 January 2015 03:15
Hello Chaim,

You might have misunderstood my reply above. It makes sense to hash the passwords, but in Joomla the passwords are hashed 1 way. In simpler terms, you will never be able to recover the password. What you guys are posting here is to encrypt the "contents" of EasySocial, which doesn't make sense because if you hash the title of the group 1 way, there is no way to retrieve the title.
Monday, 05 January 2015 11:59
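As an added illustration of the point Mark keeps making (a password hash is one way: it can be checked on login, never reversed, so the same trick cannot protect a group title or a first name that has to be displayed again), here is a small Python example. It is not code from Joomla or EasySocial; it uses PBKDF2 from the standard library as a stand-in for Joomla's own hashing scheme, and the iteration count, salt length and stored-string layout are assumptions made for the example.

```python
import hashlib
import hmac
import secrets

# PBKDF2-HMAC-SHA256 parameters. These are assumptions for the example, not
# Joomla's actual settings; Joomla's own scheme is not reproduced here.
ITERATIONS = 200_000
SALT_LEN = 16


def hash_password(password: str) -> str:
    """Store a password as 'salt_hex$digest_hex'. Nothing in this module can
    turn that string back into the password: the function is one way."""
    salt = secrets.token_bytes(SALT_LEN)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 salt, ITERATIONS)
    return f"{salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """The only operation a one-way hash supports: re-hash the login attempt
    with the stored salt and compare in constant time."""
    salt_hex, digest_hex = stored.split("$", 1)
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                    bytes.fromhex(salt_hex), ITERATIONS)
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


def stolen_hash_matches_any(stored: str, guesses: list) -> bool:
    """What a leaked user table gives an attacker: not the password, only the
    ability to test guesses one at a time, each costing ITERATIONS rounds.
    This is why a one-way hash is acceptable for passwords (the site never
    needs the original back) but useless for a first name that must be shown."""
    return any(verify_password(g, stored) for g in guesses)


if __name__ == "__main__":
    record = hash_password("correct horse battery")   # constructed sample
    print(record)                                     # salt$digest, no password
    print(verify_password("correct horse battery", record))  # True
    print(verify_password("wrong", record))                  # False
    print(stolen_hash_matches_any(record, ["123456", "password"]))  # False
```

Note that two users with the same password get different stored strings because each record carries its own random salt, so a leaked table cannot even reveal which users share a password.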
Encrypting the database is not going to protect you from being hacked. If someone can hack and steal your database, he will of course also look for the key to decrypt the database. Further to that, this is gonna add so many layers of complication to all the applications you have installed. The best thing to do will be to secure your server and your applications. If you are really keen on encrypting the database, then you need to hire a security professional to assess your case, as it is a specialized field and doesn't come cheap. It's not like installing a plugin. I have never heard of any Joomla site encrypting a full database.
Monday, 05 January 2015 17:01
Thanks for sharing this, Neel. In fact I have never heard of any sites encrypting the database.
Thursday, 08 January 2015 00:17
Guys, I want to clarify: I'm not referring to encrypting the entire database, but rather encrypting certain fields such as first name or any other fields that the admin selects. I think it is better to give the admin the option of encrypting the DB even if that means that the data will be irretrievable.

I'm dropping this topic, as I don't see any reason to continue the discussion.
CK
Monday, 19 January 2015 10:36
Perhaps there is a simple way to have the entire database encrypted? Joomla encrypts a little bit of data, however most of it is easily readable. So even if you get ES to be encrypted, you still have the rest of the site. Unless of course you are only concerned with encrypting EasySocial tables.
Monday, 19 January 2015 12:35
Hello CK,

If you are encrypting the first name using Joomla's 1 way password hash, how can you even reverse the hash back to its original form? It doesn't make sense.

When EasySocial retrieves this "1 way encrypted data", there is no way to decrypt it back to its original form, and it would then appear as it is; this also means that when you populate the first name on your profile page, it appears as is.
Tuesday, 20 January 2015 00:14
Hi all,

I wanted to revisit this topic and see if it is at all possible to get this accomplished. I understand that it doesn't make sense to encrypt the entire DB; I think that encrypting the messages/conversations is a good starting point.

Thoughts?
CK
Tuesday, 26 June 2018 08:07
Encrypting contents would require a 2 way encryption algorithm, and I don't think it makes sense encrypting contents because it will hurt your search; there is not going to be a way to search.

Perhaps encrypting messages would make more sense since it's never going to be searched for but one would also need to consider, a 2 way algorithm means there would be a key stored somewhere to be used as the salt. If your site is hacked, chances are that hackers would also know the salt.
Tuesday, 26 June 2018 11:30
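The two-way field encryption discussed in the last two replies (a key held by the application rather than in the table, and the loss of search on encrypted columns) can be shown concretely. The following Python example is added here and is not EasySocial, Joomla or MySQL code. It uses the third-party cryptography package for AES-256-GCM (the 256-bit AES recommended in the MySQL post earlier in the thread), keeps both keys in the application instead of a database column, and adds a keyed "blind index" column so that an exact-match search on an encrypted first name still works without decrypting anything. The table layout, column names, key handling and the dump-only attacker model are assumptions; the caveat raised in the thread still applies, since an attacker who also reads the server's configuration obtains the keys.

```python
import hashlib
import hmac
import secrets

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

# Key material the application keeps in its own configuration (or a KMS),
# never in a database column. Generated here only so the example runs
# stand-alone; a deployment would load them from config/environment (assumption).
DATA_KEY = secrets.token_bytes(32)   # 256-bit AES-GCM key for field contents
INDEX_KEY = secrets.token_bytes(32)  # separate HMAC key for the blind index
NONCE_LEN = 12                       # 96-bit nonce, the standard GCM size


def encrypt_field(plaintext: str, key: bytes = DATA_KEY) -> bytes:
    """Encrypt one column value as nonce || ciphertext || GCM tag.
    A fresh random nonce per call means two users named 'Chaim' do not
    produce the same stored bytes, so the column itself leaks no equality."""
    nonce = secrets.token_bytes(NONCE_LEN)
    return nonce + AESGCM(key).encrypt(nonce, plaintext.encode("utf-8"), None)


def decrypt_field(stored: bytes, key: bytes = DATA_KEY) -> str:
    """Reverse of encrypt_field; raises InvalidTag under the wrong key or
    if the stored bytes were tampered with."""
    nonce, body = stored[:NONCE_LEN], stored[NONCE_LEN:]
    return AESGCM(key).decrypt(nonce, body, None).decode("utf-8")


def blind_index(plaintext: str, key: bytes = INDEX_KEY) -> str:
    """Keyed hash of the normalised value, stored next to the ciphertext so an
    exact-match lookup (WHERE first_name_idx = ?) still works. Because it is
    keyed, a dump alone does not let an attacker precompute likely names."""
    normalised = plaintext.strip().lower().encode("utf-8")
    return hmac.new(key, normalised, hashlib.sha256).hexdigest()


def store_user(table: list, user_id: int, first_name: str) -> None:
    """Append a row shaped like an encrypted profile table (constructed layout)."""
    table.append({
        "id": user_id,
        "first_name_enc": encrypt_field(first_name),
        "first_name_idx": blind_index(first_name),
    })


def find_by_first_name(table: list, first_name: str) -> list:
    """Equality search over the encrypted column without decrypting anything.
    Only exact matches are possible; LIKE / partial search is lost."""
    wanted = blind_index(first_name)
    return [row["id"] for row in table if row["first_name_idx"] == wanted]


def dump_alone_reveals_name(table: list, guess: str) -> bool:
    """Models the thread's scenario: the attacker has the table dump but not the
    application's keys. Returns True only if a name could be read or matched."""
    wrong_key = secrets.token_bytes(32)  # any key they try is not ours
    for row in table:
        try:
            decrypt_field(row["first_name_enc"], wrong_key)
            return True
        except InvalidTag:
            pass
        if row["first_name_idx"] == blind_index(guess, wrong_key):
            return True
    return False


if __name__ == "__main__":
    users = []                                  # constructed sample table
    store_user(users, 1, "Chaim")
    store_user(users, 2, "Mark")
    print(find_by_first_name(users, "chaim"))         # [1]
    print(decrypt_field(users[0]["first_name_enc"]))  # Chaim
    print(dump_alone_reveals_name(users, "Chaim"))    # False
```

Requires `pip install cryptography`. The blind index gives back only exact-match lookups, which is why it suits fields like a name or e-mail but not the free-text search Mark mentions; for private messages that are never searched, the encrypted column alone is enough.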