How can I safely communicate with my remote data base in Zeos?

Question

I use MySQL in a shared server account and my worry is if a hacker monitors the connection between my application and that MySQL server.

Is that connection ciphered anyhow or is it raw data passing through (including at the connection time when Zeos TZConnection component informs the server what is the data base name, user name and password)?

If it's raw, how could I add some protection to it?

Answer 1

Actually it is not your TZConnection which speaks with the server. Instead, it communicates with libmysql.dll which sends and receives data from the Mysql server.

To secure your connection to the server you can use SSL. You will need 3 certificates:

• CA-cert.pem
• client-cert.pem
• client-key.pem

You can find information on how to generate them in this MySQL link.

Once you have them you need to setup TZConnection to indicate SSLshould be used as follows:

Connection.Properties.Values['MYSQL_SSL']      := 'TRUE';
Connection.Properties.Values['MYSQL_SSL_CA']   := 'c:/MyPath/CA-cert.pem';
Connection.Properties.Values['MYSQL_SSL_CERT'] := 'c:/MyPath/client-cert.pem';
Connection.Properties.Values['MYSQL_SSL_KEY']  := 'c:/MyPath/client-key.pem';

More information about MySql and SSL can be found in this discussion in Zeos forums.