Mariadb/mySQL security capabilities for Joomla 3.4/3.5

Do you have an idea for the Joomla community that you can help implement? Discuss in here.
Locked
sriz786
Joomla! Apprentice
Joomla! Apprentice
Posts: 27
Joined: Sun Feb 18, 2007 5:40 am

Mariadb/mySQL security capabilities for Joomla 3.4/3.5

Post by sriz786 » Sun Dec 13, 2015 8:36 pm

Hello,

Can we make following security requirements for Joomla 3.5x based on Mariadb/MySQL 5.7 primarily using Mariadb database encryption for Joomla installation.

Encryption within the database (for your InnoDB tables and tablespaces & Aria temporary tables); created at Google and used there today
- external authentication plugins (PAM, Kerberos, etc.)
- audit plugin to keep track of logins/actions against the database
- using SSL for connections
- looking at rejecting SQL injections via a firewall plugin (really, a look since this is a MySQL Enterprise extension) and how this can be replicated in the open via MaxScale.
- examples of how a misconfigured MySQL could make it "crackable"
- new security improvements in MySQL 5.6 and 5.7, especially around SSL

 
User avatar
leolam
Joomla! Master
Joomla! Master
Posts: 20214
Joined: Mon Aug 29, 2005 10:17 am
Location: Netherlands/ UK/ S'pore/Jakarta/ North America
Contact:

Re: Mariadb/mySQL security capabilities for Joomla 3.4/3.5

Post by leolam » Mon Dec 14, 2015 8:26 am

MariaDB works very fine with Joomla. I am not quite sure where these "requirements should be located on server level or in Joomla core? What you suggest actually?

Leo 8)
Joomla's #1 Professional Services Provider:
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -
#Joomla Webmaster Services: gws-webmaster.services

 

Locked

Return to “Joomla! Ideas Forum”