Author

Topic: hide connect rpc in code (Read 610 times)

hero member
Activity: 910
Merit: 1000
October 13, 2015, 05:04:04 AM
#5
If someone hacks the server that's pretty much it. But you can avoid putting the password directly into the source code by using the server's environment variables or some other mechanism of separating it out and only read on loading / execution of the script.
full member
Activity: 149
Merit: 100
October 12, 2015, 10:50:14 PM
#4
There is no easy solution here, just write secure scripts.
As long as your script has access to your bitcoins so will any attacker that gets access to your script.
staff
Activity: 3458
Merit: 6793
Just writing some code
October 11, 2015, 09:42:24 AM
#3
Hello everybody!
When I use php connect with bitcoind via rpc
I must write user/password rpc in code
problem: when hacker hack code, they will get my bitcoin.
how can I hide connect rpc in code?
Make sure you setup the rpc so that both port 8332 is not available from the outside and that the rpc server only accepts connections from whatever ip the webserver is hosted on. (probably localhost)
sr. member
Activity: 462
Merit: 250
October 11, 2015, 07:25:42 AM
#2
I think you can use database
newbie
Activity: 24
Merit: 0
October 11, 2015, 07:24:39 AM
#1
Hello everybody!
When I use php connect with bitcoind via rpc
I must write user/password rpc in code
problem: when hacker hack code, they will get my bitcoin.
how can I hide connect rpc in code?
Jump to: