Jump to content
  • 0

mariaDB support in V4


siteAdmin

Question

Hi to all Blesta fans,

This is my first post.

I am here because I have read a lot about the Blesta security features and interested in purchasing one soon.

Obviously I have many questions. But my main questions are 1)  if V4 will support mariaDB 10.1.18  and 2) if V4 will have any feature to support mariaDB's data-at-rest encryption OR AWS Key Management service. Thank you.

 

Link to comment
Share on other sites

10 answers to this question

Recommended Posts

  • 0
1 hour ago, siteAdmin said:

Obviously I have many questions. But my main questions are 1)  if V4 will support mariaDB 10.1.18  and 2) if V4 will have any feature to support mariaDB's data-at-rest encryption OR AWS Key Management service. Thank you.

I have no experience with MariaDB's data-at-rest encryption or AWS key management service (I assume that's related to db encryption?). Are there any special requirements? According to https://mariadb.com/kb/en/mariadb/data-at-rest-encryption/, it seems like the application would be responsible for setting encryption on the tables. If so, then it would be unsupported.

Link to comment
Share on other sites

  • 0

@Paul

Thanks for the reply.

Yes, it is related to the db encryption and there is one good advantage (over AES encryption/decryption) on that feature. Don't want to go into too many technical details here as it is a server security related issue.

BTW, does Blesta have a feature to encrypt all the fields or just few selected fields by default?. However, I have noticed that custom fields do have the option to encrypt. And one more question. Can these custom fields (whether encrypted or not) be included in webhooks?

 

Link to comment
Share on other sites

  • 0

Re mariaDB data-at-rest encryption or AWS key management service, one can select the tables/spaces  either to be encrypted or not. So, if that can happen on the Blesta then there wont be any chances for any hacker to change db content. It is possible that someone can delete the data but not to read it. The AWS KMS can rotate the keys and they kept away from the app so make it impossible to crack.

Link to comment
Share on other sites

  • 0
25 minutes ago, siteAdmin said:

@Paul

Thanks for the reply.

Yes, it is related to the db encryption and there is one good advantage (over AES encryption/decryption) on that feature. Don't want to go into too many technical details here as it is a server security related issue.

BTW, does Blesta have a feature to encrypt all the fields or just few selected fields by default?. However, I have noticed that custom fields do have the option to encrypt. And one more question. Can these custom fields (whether encrypted or not) be included in webhooks?

 

Blesta encrypts data with a one-way bcrypt hash, and the modules set the encryption of services etc, and custom fields and the universal module you can set the fields to be encrypted.

Link to comment
Share on other sites

  • 0

Certain fields are encrypted automatically, but modules and plugins can define which fields to encrypt. Because search operations cannot be performed on encrypted data, we usually don't recommend encrypting all fields, but that's a decision the developer should make.

This page should give you a basic understanding of what is encrypted in Blesta and how it's performed: https://docs.blesta.com/display/user/Encryption

Link to comment
Share on other sites

  • 0
8 minutes ago, Paul said:

Certain fields are encrypted automatically, but modules and plugins can define which fields to encrypt. Because search operations cannot be performed on encrypted data, we usually don't recommend encrypting all fields, but that's a decision the developer should make.

This page should give you a basic understanding of what is encrypted in Blesta and how it's performed: https://docs.blesta.com/display/user/Encryption

Thanks for that.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...