Drop Shadow

Databases

Many web applications require a SQL database. We have support for two SQL databases on the web server: SQLite and MySQL. SQLite is moderately easier to use, because it does not require managing a username and password: all of the database information necessary is stored in a single file in your account. You can use SQLite from the web server’s command line and from PHP, Perl, or Python scripts on www.sandiego.edu and using Perl or Python on home.sandiego.edu.

MySQL is more complex, and runs on a separate server, requring a username and password. If you have a MySQL server already running, you can use that, or your site’s authorized contact can request a MySQL database on our server from the form on this page. You can use MySQL from PHP, Perl, or Python on either www.sandiego.edu and from PHP or Perl on home.sandiego.edu.

Database security

Remember that we are running a shared server. Since your database files (or MySQL configuration files) need to be readable by the web server, they are vulnerable to anyone else at USD who runs web pages on the main server. You should:

  • Store database files and configuration files outside of your web area.
  • Make sure that the database files and configuration files are usable only by you and the web server.
  • Only allow read access to your database from the web if at all possible.
  • Ensure that the username and password in your web files, if you are using MySQL, will only work from the web server’s host.

The more of those you can do, the more secure your database will be. But on a shared server, you can never be completely secure. You should keep regular backups of your database. You should also not store any information which would be dangerous if stolen. No credit card information should be stored in a shared-server database, for example.

SQL Solutions

SQLiteSQLite is a simple, easy-to-use SQL database that does not require special systems or requests on your part to use.
Information SecurityDo not collect any information that would cause trouble if it got loose. This specifically includes social security numbers, drivers license numbers, credit card numbers, or any financial access numbers.
MySQLMySQL is a server-based SQL implementation that you can manage remotely but which also requires special tools to access.

Comments

If you have comments or tips for readers of this page, you may post them here. Questions are more appropriately directed to the webmaster. Comment on this page