hide connect rpc in code

tradebtcdotus (OP)

Newbie

Offline

Activity: 24
Merit: 0

hide connect rpc in code

October 11, 2015, 12:24:39 PM

Hello everybody!
When I use php connect with bitcoind via rpc
I must write user/password rpc in code
problem: when hacker hack code, they will get my bitcoin.
how can I hide connect rpc in code?

sellscript

Sr. Member

Offline

Activity: 462
Merit: 250

Re: hide connect rpc in code

October 11, 2015, 12:25:42 PM

I think you can use database

achow101

Staff
Legendary

Offline

Activity: 3402
Merit: 6653

Just writing some code

Re: hide connect rpc in code

October 11, 2015, 02:42:24 PM

Quote from: tradebtcdotus on October 11, 2015, 12:24:39 PM

Hello everybody!
When I use php connect with bitcoind via rpc
I must write user/password rpc in code
problem: when hacker hack code, they will get my bitcoin.
how can I hide connect rpc in code?

Make sure you setup the rpc so that both port 8332 is not available from the outside and that the rpc server only accepts connections from whatever ip the webserver is hosted on. (probably localhost)

Bitcoin Core contributor | Tip Me! | GitHub | GPG Key Fingerprint 0x17565732E08E5E41

goregrind

Full Member

Offline

Activity: 149
Merit: 100

Re: hide connect rpc in code

October 13, 2015, 03:50:14 AM

There is no easy solution here, just write secure scripts.
As long as your script has access to your bitcoins so will any attacker that gets access to your script.

woot?

coinpr0n

Hero Member

Offline

Activity: 910
Merit: 1000

Re: hide connect rpc in code

October 13, 2015, 10:04:04 AM

If someone hacks the server that's pretty much it. But you can avoid putting the password directly into the source code by using the server's environment variables or some other mechanism of separating it out and only read on loading / execution of the script.

BITMIXER.IO High Volume Bitcoin MIXER

Pages: [1]

Bitcoin Forum > Bitcoin > Project Development > hide connect rpc in code

« previous topic next topic »