I'm assuming the sysadmin cannot/would not edit the source?
If that's the case, a solution like IonCube might do the trick. Just make sure PDO connection errors aren't displayed/logged, since they may contain connection info.
You can also try restricting the sql user's access to the server's IP, but it still may be possible to connect directly from the server itself.
If the sysadmin can't access the db, who's managing the db server?
I'm not sure how safe this is for running config files, but since the decoder is free, this would be affordable. You can also look into the pricing for Zend Guard.
8 comments
[ 0.19 ms ] story [ 28.0 ms ] threadIf that's the case, a solution like IonCube might do the trick. Just make sure PDO connection errors aren't displayed/logged, since they may contain connection info.
You can also try restricting the sql user's access to the server's IP, but it still may be possible to connect directly from the server itself.
If the sysadmin can't access the db, who's managing the db server?
http://www.ioncube.com/online_encoder.php
I'm not sure how safe this is for running config files, but since the decoder is free, this would be affordable. You can also look into the pricing for Zend Guard.