Lost Password?

Go Back   CodeCall Programming Forum > Software Development > Software Security
Reload this Page Shopping cart source code and security
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Software Security Information to inform users on how to protect their personal software / applications. Learn how to protect against software crackers.

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 02-04-2008, 08:32 AM
Doe1974's Avatar   
Doe1974 Doe1974 is offline
Newbie
  
Join Date: Aug 2007
Location: Garin
Posts: 7
Rep Power: 0
Doe1974 is on a distinguished road
Question Shopping cart source code and security
I have several customer sites built with comersus shop cart. One of my customers has the site hosted in a shared server, so hosting service technicians have access to all files located in the server.

Is there any way to protect database main connection password located inside ASP scripts?

Or should I suggest a dedicated server?
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote

Sponsored Links
  #2 (permalink)  
Old 02-04-2008, 08:50 AM
v0id's Avatar   
v0id v0id is offline
<img src="http://forum.codecall.net/images/userbar/supermod.png" alt="Super Moderator">
  
Join Date: Apr 2007
Location: Denmark
Posts: 2,468
Last Blog:
CherryPy(thon)
Rep Power: 27
v0id is a glorious beacon of lightv0id is a glorious beacon of lightv0id is a glorious beacon of lightv0id is a glorious beacon of lightv0id is a glorious beacon of lightv0id is a glorious beacon of light
Send a message via MSN to v0id
Default
There's no way to protect the password if it's stored in a plain ASP-script. So, I don't really see any other alternatives than he gets storage on another server (it could be a dedicated server, yes)
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #3 (permalink)  
Old 02-06-2008, 01:36 PM
shibbythestoner's Avatar   
shibbythestoner shibbythestoner is offline
Programmer
  
Join Date: Jun 2007
Location: Scotland
Age: 17
Posts: 119
Rep Power: 5
shibbythestoner is on a distinguished road
Default
You could put an md5 hash of the password in another database/table or something...not perfect but perhaps more secure.
__________________
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #4 (permalink)  
Old 02-07-2008, 12:13 AM
v0id's Avatar   
v0id v0id is offline
<img src="http://forum.codecall.net/images/userbar/supermod.png" alt="Super Moderator">
  
Join Date: Apr 2007
Location: Denmark
Posts: 2,468
Last Blog:
CherryPy(thon)
Rep Power: 27
v0id is a glorious beacon of lightv0id is a glorious beacon of lightv0id is a glorious beacon of lightv0id is a glorious beacon of lightv0id is a glorious beacon of lightv0id is a glorious beacon of light
Send a message via MSN to v0id
Default
The password has to be in plain text if it shall be used for connecting to the database.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #5 (permalink)  
Old 02-13-2008, 09:56 AM
TcM's Avatar   
TcM TcM is offline
Moderator
  
Join Date: Aug 2006
Location: In a technologic world :p
Posts: 7,360
Rep Power: 67
TcM has much to be proud ofTcM has much to be proud ofTcM has much to be proud ofTcM has much to be proud ofTcM has much to be proud ofTcM has much to be proud ofTcM has much to be proud ofTcM has much to be proud of
Default
I guess this is a problem with all other programming languages like PHP and ASP... maybe others too.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote

Sponsored Links
Reply

« Previous Thread | Next Thread »


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


All times are GMT -5. The time now is 06:56 PM.

Contact Us - Programming Forum - Archive - Top

CodeCall

Contest Stats

Xav ........ 162.68
delia ........ 100
neerlin ........ 100
satrian ........ 100
nik68 ........ 100
chili5 ........ 70.08
morefood2001 ........ 42.41
MeTh0Dz|Reb0rn ........ 28.44
RyanTuosto ........ 20
gamiR ........ 19.64

Contest Rules

CodeCall Goal

Goal: 100,000 Posts
Complete: 68%

Sponsors

Linux Forums
Electronic Music
Podnet IRC Network

Ads