Hey Guys and Gals,
I have just created my first connection to an MYSQL db that is located on the hosting server. I use Dreamweaver to built my sites using Classic ASP.
The specific connection string I found here on experts-exchange had me plug in the IP address (local machine IP I believe 127.0.0.1, I connect from my workstation to the hosting server via a tunnel, hopefully that makes sense!), db name, user name, and password.
Am I crazy in thinking that is isn't very secure? Doesn't this give all the information needed to gain access to my db? Wouldn't someone simply have to go to whateversite.com/connections (as this is the default dreamweaver connections folder) and they could somehow find my connection string?
I had been using an Access DB for years and I was able to place the .mdb file in a private folder that didn't allow for the db to be downloaded. I am new to mySQL and I believe it can not be "downloaded" the same way, but doesn't giving the db name, user name, password compromise the security?
Any information you guys have would help!