Storing sensitive data with Drupal
I need to use sensitive data with Drupal for a custom module to use. If I simply set them through the GUI, they will be stored unencrypted in the database. Anyone having access to it will have access to my sensitive data.

I can see two solutions for the moment:

  1. Find a way to securely store those credentials into the database;
  2. Put that sensitive data into a credentials_inc.php file, include it in settings.php to set variables my custom module could use, and make sure that nobody else can read the file.

Which solution is best according to you? What do you recommend? Is there any other best option?

Best regards.

Apograph answered 29/4, 2011 at 16:41 Comment(2)
What kind of sensitive data, and do you need to read it back to the screen at some point? – Sekyere
Credentials to access external web services. And no, we don't need to display them. We just need them for a custom module to use the external web service. – Apograph
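The second option from the question (a credentials file included from settings.php), written out as an added example for Drupal 6/7; this is not code from the thread. It assumes the file lives outside the web root at a hypothetical path `/etc/drupal/credentials.inc`, is readable only by the web server's account, and sets `$conf` entries that the module reads back with `variable_get()`. Because `$conf` overrides the variable table, the secret is never written to the database.

```php
<?php
// Added example, not from the question or any answer in the thread.
// Assumptions: Drupal 6/7 ($conf overrides in settings.php, variable_get());
// the credentials file is at the hypothetical path below, owned by root,
// mode 0640 with the web server's group, and contains plain PHP assignments.

// --- settings.php (appended at the bottom of the file) ---
$credentials_file = '/etc/drupal/credentials.inc'; // hypothetical path

if (is_file($credentials_file)) {
  // Fail closed: refuse to load secrets from a world-readable file,
  // since that would defeat the purpose of keeping them out of the database.
  if ((fileperms($credentials_file) & 0004) !== 0) {
    throw new RuntimeException("$credentials_file is world-readable; fix its permissions");
  }
  // The included file sets $conf entries, for example (constructed sample values):
  //   $conf['mymodule_service_user'] = 'svc-user';
  //   $conf['mymodule_service_pass'] = 'constructed-sample-secret';
  include $credentials_file;
}

// --- mymodule.module ---
/**
 * Fetch a credential that settings.php placed in $conf.
 *
 * $conf takes precedence over the variable table, so variable_get() returns
 * the file's value and nothing is stored in the database. Never call
 * variable_set() on these names: it would persist the secret to the DB.
 */
function mymodule_credential($name) {
  $value = variable_get($name, NULL);
  if ($value === NULL) {
    throw new RuntimeException("Credential $name is not configured in settings.php");
  }
  return $value;
}

// Usage inside the module, e.g. when building the web service client:
//   $user = mymodule_credential('mymodule_service_user');
//   $pass = mymodule_credential('mymodule_service_pass');
```

The permission check only catches the world-readable case; the file should additionally be owned by root and not writable by the web server's account, so a compromise of the Drupal code base cannot rewrite it.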
I would start off by using SecurePages module, to make sure the data entered somewhere along the way is not snooped.

Then, to encrypt the information, try using PHP's mcrypt with a short example of how to encrypt and decrypt.

Once the information is secured, you should have no problem storing the data in Drupal's DB structure. Also, an important note: you might check out hook_init() instead of trying to append something in settings.php. That is in general a bad practice.

Swagsman answered 29/4, 2011 at 17:7 Comment(5)
Thanks for this answer. Lots of information here ;). Maybe the Encryption module does this all for me directly... I will have to check by myself. – Apograph
It's quite possible. It just depends on how much control you want, and how much coding you want to do. If the Encryption module does most of it for you, I'd definitely use that, but I would still go with SecurePages as a must. – Swagsman
I will accept your answer as it is the most complete, I believe. Could you please just add a note about the Encryption module? – Apograph
Install the Encrypt module; after you do that, go to admin/settings/encrypt and set the encryption type to Basic if you don't have the mcrypt PHP module, or AES if you do have the mcrypt PHP module. Then in your code you only need to use `$encrypted_string = encrypt($string)`, store it in the DB (BLOB type), and `$decrypted_string = decrypt($encrypted_string)` to decrypt it. Check out drupal.org/project/encrypt – Swagsman
Me again. After some additional search and testing, it seems that using settings.php + an included credentials.inc file is not that bad an idea. Actually, if Drupal is compromised and your server is not, you are still safe. If your server is compromised, you are screwed ;) I would clearly reconsider which technique to use... – Apograph
The Encryption module provides an API that supports a few different encryption methods, including mcrypt (if you have it enabled).

Diverticulosis answered 29/4, 2011 at 17:23 Comment(1)
Thanks for the link! I will look at this module. – Apograph
The Encryption module is an excellent way to encrypt sensitive data within Drupal. However, this module does not provide adequate key management (it stores the encryption key within the Drupal database - like storing the keys to your house under your Welcome mat).

Along with Encrypt, you will also need an additional module like Townsend Security Key Connection which allows you to manage the encryption keys outside of the Drupal database in an encryption key manager (HSM, Cloud, VMware, etc.). Just remember - if you aren't properly managing your encryption keys, you aren't properly encrypting your data.

Full Disclosure: I work with Townsend Security on the Drupal team.

Gershon answered 24/6, 2014 at 19:45 Comment(0)
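An added example (not code from any answer, nor from the Encrypt or Key Connection modules) that ties together Swagsman's encrypt-then-store approach and this answer's point that the key must not live in the Drupal database. It uses `openssl_encrypt()` with AES-256-GCM in place of the mcrypt the earlier answer mentions (mcrypt is unmaintained), and reads the key from a root-owned file outside the web root; the path `/etc/drupal/mymodule.key` and the `mymodule_` function names are assumptions. It assumes PHP 7.1 or later with the openssl extension.

```php
<?php
// Added example, not from the thread or from any Drupal module.
// Assumptions: PHP >= 7.1 with openssl; the 32-byte key is kept in a
// root-owned file outside both the web root and the database at the
// hypothetical path below; ciphertexts are stored as text in the DB.

const MYMODULE_KEY_FILE = '/etc/drupal/mymodule.key'; // hypothetical path
const MYMODULE_CIPHER   = 'aes-256-gcm';

/**
 * Load the raw 32-byte key, refusing a key file other users can read.
 */
function mymodule_load_key($path = MYMODULE_KEY_FILE) {
  if (!is_readable($path)) {
    throw new RuntimeException("Key file $path is not readable");
  }
  // Group/other permission bits (0077) must all be clear.
  if ((fileperms($path) & 0077) !== 0) {
    throw new RuntimeException("Key file $path is readable by other users");
  }
  $key = file_get_contents($path);
  if ($key === FALSE || strlen($key) !== 32) {
    throw new RuntimeException("Key file $path must hold exactly 32 raw bytes");
  }
  return $key;
}

/**
 * Encrypt one credential. Returns base64(nonce . tag . ciphertext), which is
 * safe for a TEXT/BLOB column. A fresh random nonce is drawn every call, so
 * the same secret encrypted twice yields different stored values.
 */
function mymodule_encrypt_credential($plaintext, $key) {
  $nonce = random_bytes(12); // 96-bit nonce, the recommended size for GCM
  $tag = '';
  $ciphertext = openssl_encrypt($plaintext, MYMODULE_CIPHER, $key,
                                OPENSSL_RAW_DATA, $nonce, $tag, '', 16);
  if ($ciphertext === FALSE) {
    throw new RuntimeException('Encryption failed: ' . openssl_error_string());
  }
  return base64_encode($nonce . $tag . $ciphertext);
}

/**
 * Decrypt a stored credential. GCM authenticates the ciphertext, so a wrong
 * key or a modified database row fails here instead of yielding garbage.
 */
function mymodule_decrypt_credential($stored, $key) {
  $raw = base64_decode($stored, TRUE);
  if ($raw === FALSE || strlen($raw) < 28) {
    throw new RuntimeException('Stored value is not a valid encrypted credential');
  }
  $nonce      = substr($raw, 0, 12);
  $tag        = substr($raw, 12, 16);
  $ciphertext = substr($raw, 28);
  $plaintext = openssl_decrypt($ciphertext, MYMODULE_CIPHER, $key,
                               OPENSSL_RAW_DATA, $nonce, $tag);
  if ($plaintext === FALSE) {
    throw new RuntimeException('Decryption failed: wrong key or tampered data');
  }
  return $plaintext;
}

// Usage. Generate the key once, outside any web request, for example:
//   head -c 32 /dev/urandom > /etc/drupal/mymodule.key && chmod 600 /etc/drupal/mymodule.key
// Then, in the module (constructed sample secret):
$key    = mymodule_load_key();
$stored = mymodule_encrypt_credential('constructed-sample-api-password', $key);
// variable_set('mymodule_service_password', $stored); // Drupal 7: only ciphertext reaches the DB
$secret = mymodule_decrypt_credential($stored, $key);
```

With this layout a database dump alone yields only ciphertext, and rotating the key means re-encrypting the stored values under a new key file rather than touching the code; an attacker who can read the key file as the web server's user still gets everything, which is the residual risk the answer's "keys under the welcome mat" remark points at.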
