B4J Question jSQL MySQL traffic encryption?

[techknight]

the MySQL database is likely going to reside on a separate server than some of the B4J applications, Question is, is there a way to use the MySQL Library jSQL and have some sort of encryption?

I dont know how secure the connection to the exposed server is, and if the username/password that accesses that database is sent in the clear as well. any ideas??

 

[keirS]

MySQL and Connector/J support SSL connections. See here for details.

 

[ThRuST]

Which webhost are you reffering to? B4j provides jB4XEncryption library you can use it should be compatible with the whole B4X frenchise. If you sign up somewhere it usually comes with a mySQL database and PHP. On server side you can manage encrytion through MD5, SH1, Crypyt, Bcrypt and Hash-strings by using PHP. Or set up your own server, but as I understood from your question this is not an option. I've seen your many posts about ABMaterials which seems to be the hot trend for everybody. Google is on top for a reason. However, it's important to do something with past knowledge and MySQL+PHP+CSS is truly POWERFUL. You might want to combine encryption shemes with eachother to cook up a stronger security, and never decrypt your string. Just compare the Hash result for optimal safety.

 

[ThRuST]

keirS, the page you reffered to could not be found, please correct it.

 

[keirS]

keirS, the page you reffered to could not be found, please correct it.

Corrected.

 

[techknight]

MySQL is hosted on my cloud server which runs CentOS and Apache.

 

[techknight]

Which webhost are you reffering to? B4j provides jB4XEncryption library you can use it should be compatible with the whole B4X frenchise. If you sign up somewhere it usually comes with a mySQL database and PHP. On server side you can manage encrytion through MD5, SH1, Crypyt, Bcrypt and Hash-strings by using PHP. Or set up your own server, but as I understood from your question this is not an option. I've seen your many posts about ABMaterials which seems to be the hot trend for everybody. Google is on top for a reason. However, it's important to do something with past knowledge and MySQL+PHP+CSS is truly POWERFUL. You might want to combine encryption shemes with eachother to cook up a stronger security, and never decrypt your string. Just compare the Hash result for optimal safety.

Your way out to lunch on this one, I am not encrypting the database at all.

Yes, I am using ABMaterial however I have moved onto other projects that need MySQL access. However, MySQL, which actually might be mariaDB is running on my Apache cloud server. So, I need to figure out a way to make a connection to that server via SSL so the passwords and queries are not sent in plaintext.

I need the traffic between that Server/MySQL Secured/Encrypted. Thats it.

 

[ThRuST]

The SSL (Secure Sockets Layer) settings can be turned on and off at my webhost one.com, so I just turned it on. This was sure an impartant reminder/wakeup-call. I've seen more and more websites uses https://www... so I'm sorry that I missunderstood your question, even if my answer is relevant to server security in general. SSL could be enabled with in my webhost settings, so unfortunatelly I could not help. Hopefully this helps someone else who signed up at one.com in Denmark. They are pretty famous over here in Scandinavia (I'm in Sweden myself). I will follow this thread with interest since it's really important. Even though I was saved by the webhost this time.

 

[techknight]

I dont use webhosting unfortunately, I actually use droplets which are basically the entire server, so I manage it from an SSH standpoint.

 

[ThRuST]

Excuse me for my lack of knowledge sir, but what does SSH stand for and what does it do? I've seen it at my webhost under SSH/FTP I think

 

[ThRuST]

This might be a bit old, but at least it might solve your problem to activate SSL. I should read it more carefully myself. Go >here<
Also reply in here if it is a solution for you, or else there might be a more recent solution.
Hope this helps you anway. Cheers

 

[ThRuST]

If it works please give me a LIKE, I want to reach the Expert level haha

 

[techknight]

Not quite what I am trying to do, although thats a decent idea to enable SSL on jServer.