How to encrypt data (flat text files) that as they are written and then stored in various folders on the server?
Posted on 2008-06-17
Question: How to encrypt data (flat text files) that as they are written and then stored in various folders on the server?
I have online web forms that users fill out. The data from some of these web forms are stored on the same server, in a plain text file. The information collected is sometimes of a personal and sensitive nature.
So, I am trying to figure out if and how I can accomplish the following.
I would like to have the text files that are dynamically created after a user fills out one of the online forms... to automatically be encrypted or password protected.
I want the information (as it is collected and stored in a folder on the server) to be encrypted (protected so no one could access the information .. immediately as it is collected and saved.
I had looked at a couple software options (from PGP and TrueCrypt) that basically created virtual drives, where the data could be saved to. But in the end, if the virtual drives were active (i.e., mounted, etc.) the data could be written to the virutal drive, but since the drive was visable .. it was also NOT protecting the data. In both cases, only if the drive was dismounted would the data be encrypted and protected. (But if the drive is dismounted, it is no longer visable and therefore could not be written to by my online forms.
I need to know how to set up "something" that would allow the files (as they are created .. as users fill out the online forms) .. to automatically be protected in a sufficient manner so that no one (another user on the network, a hacker, etc.) would be able to see the contents of the files.
I am hoping someone can help me with a suggestion that would allow me to somehow .. protect certain folders from being READ or accessed by anyone .. yet allow my scripts, etc. to write and add data into the protected folders. So, in a nut shell, data could be saved into the protected folder, but nothing could be taken out or read from the folder .. without knowing a secure password or something.
Any thoughts to get this done?