Online Page Editor Add-on Support Product Page
Answered
how are credentials stored?
Asked 14 Apr 2011 20:21:12
1
has this question
14 Apr 2011 20:21:12 Alice Erickson posted:
I'm liking the looks of this, but I'd like some clarification as to how the login and ftp credentials are stored. The documentation says "securely stored" but what does this mean? Are they encrypted somehow? Also, my understanding from the documentation is that I need to either select the ftp method of saving the edited files, in which case the individual page files themselves don't need write permissions, or I need to add write permissions to the pages if I choose not to set up ftp. If the ftp credentials are stored securely enough, then that method would be preferable. But if I don't feel that those credentials are stored with enough security, then I need to decide how well I like the idea of making the pages writable. So, clarification on this will really help me decide if this is a good purchase.
Replies
Replied 14 Apr 2011 23:45:52
14 Apr 2011 23:45:52 George Petrov replied:
Hi Alice,
The credentials are stored in the generated PHP file itself on your server. The source code of this file is never revealed to any users so that is secure. Nobody can look at the source code of the PHP files unless they already have full access to your server.
Exactly - you either choose for FTP method or give writer permissions to the files. The FTP method is indeed preferred and more secure. The FTP credentials are also store in the generated PHP file - so again never revealed.
I hope this makes it all clear.
Greetings,
George
The credentials are stored in the generated PHP file itself on your server. The source code of this file is never revealed to any users so that is secure. Nobody can look at the source code of the PHP files unless they already have full access to your server.
Exactly - you either choose for FTP method or give writer permissions to the files. The FTP method is indeed preferred and more secure. The FTP credentials are also store in the generated PHP file - so again never revealed.
I hope this makes it all clear.
Greetings,
George
Replied 14 Apr 2011 23:50:50
14 Apr 2011 23:50:50 Alice Erickson replied:
Thanks, George. This is perfectly satisfactory, and I'll go ahead and purchase the product. I should have known it was like that, but I lack imagination today. The first site I'll use it on is ASP, rather than PHP, but that makes no difference. I think this is going to be really useful to me on sites where even the simplest control panel intimidates the site owner. I've got some really easily intimidated customers. []