Is it possible to use libsodium with the free webhosting?

I am currently building a new version of my website using an infinity free hosting. I am very impressed by all the features and possibilities, but I do have a question to which I could not find the answer so far.

Although I think it is irrelevant for this question, my website URL is: http://kindervakantiespelweek-in-son.epizy.com/
It uses WordPress with some custom plugins that I am currently working on.

On this website I intend to enable visitors to sign up in order to participate in activities that will be organized in Europe. In order to sign up, visitors will need to provide “personal information” like their name, e-mail address and phone number. I will have to store this information and because it is “personal information” I am required by law to ensure I do this in a safe way.

This obviously means that I have to apply SSL when the site is being used, but even that would not fully cover my legal obligation, because it only encrypts the communication between visitor and server and does not protect the storage of the data. The safest way that I could think to protect the stored data is asymmetric encryption, the website can have the public key and a PHP script can encrypt all data before it is stored in the database. The data in the database would be safe, as the data is useless without the private key.

Unfortunately I don’t have the skills nor the time required to code this myself, so I searched for a proper library and found libsodium as the most recommended candidate. Now I wonder:

  1. Is it possible to use libsodium with a free account?
    If so:
    2a. Are there any settings I should adjust or precautions I should take?
    And if libsodium is not available:
    2b. Is there a way that I can make it available for just my account?
    And if that is not possible:
    3. Is there an alternative available that you can recommend?

Thanks in advance, Nico

The short answer: libsodium is not installed on free hosting servers, and with free hosting it’s not possible to customize which PHP extensions are enabled for your account, let alone install custom extensions.

Libsodium was only shipped by PHP starting with version 7.2. It was available before that, but only as a custom extension. And the latest version of PHP we can offer right now is 7.0 (yes, it’s old, we hope to add new PHP versions soon).

Most hosting providers who offer PHP 7.2 or 7.3 should have libsodium as well. The premium hosting of iFastNet is no exception.

However, if you want to be sure your data is encrypted, then you should really consider whether web hosting is the right service for you. Sure, you can encrypt the data in the database, but when your PHP code can decrypt your data, it means the decryption key is also on your hosting provider’s servers. So any party with malicious intent and access to your account can still decrypt the data.

If you want true security, you’d have to get your own dedicated server and encrypt its disks. Only then can you make sure that only you can control who can access the decryption keys.

And finally, using OpenSSL for the encryption is also an option. That’s also what we use to encrypt cookies and the like for our client area.

Thank you for your quick reply.

The scenario that you describe is exactly why I am looking for asymmetric encryption, this way the PHP has to know the key for encryption, but the key for decryption doesn’t have to be on the server. It could be (temporarily) provided only when decryption is required.
I agree that a private server could be made more secure in theory, but this website is for a volunteers organization with a small budget and to be honest I am not sure if I would be able to maintain it. Websites are one thing, adding the server maintenance feels very different.

When you state that:

yes, it’s old, we hope to add new PHP versions soon

should I be thinking about days, weeks, months or years? I could honestly imagine all of them depending on when preparations have started and how much testing is still required.

For my project I have a deadline, the moment that people will be invited to register, of April 15th. So I expect I will have to look at OpenSSL for a while and then prepare to switch.

Kind regards, Nico

I don’t know. iFastNet is working on this, but they don’t share that much information about the progress or any release dates. From what I’ve been told, it’s likely that there will be one big update which adds all new PHP versions and removes some old and unsafe ones.

Thanks again for your quick responses and great service.
I think I found a good solution that may be useful for others until PHP 7.2 becomes available here: GitHub - paragonie/sodium_compat: Pure PHP polyfill for ext/sodium
Using this, I won’t have to change my code much when PHP 7.2 becomes available.

Kind regards, Nico Nijman
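
The setup discussed in this thread (public key on the web server, private key kept elsewhere) corresponds to libsodium's sealed boxes. The following is an added example, not code from the thread or from either project: `encrypt_field`, `decrypt_field` and the sample row are hypothetical, and the polyfill's autoload path is an assumption. It avoids PHP 7.1+ syntax so it also runs on PHP 7.0 with sodium_compat.

```php
<?php
// Added example. With sodium_compat instead of ext/sodium, load the polyfill
// first (path is an assumption about your install):
// require_once __DIR__ . '/sodium_compat/autoload.php';

// Offline, once: generate the key pair. Only $publicKey goes to the web
// server; both live in this one file only so the demo is runnable.
$keypair   = sodium_crypto_box_keypair();
$publicKey = sodium_crypto_box_publickey($keypair);

// Web server: encrypt one field before it is written to the database.
function encrypt_field(string $plaintext, string $publicKey): string
{
    // Sealed box: a fresh ephemeral key per message, so the server cannot
    // decrypt what it has just stored.
    return base64_encode(sodium_crypto_box_seal($plaintext, $publicKey));
}

// Offline: decrypt an exported value. Returns false on any failure.
function decrypt_field(string $stored, string $keypair)
{
    $sealed = base64_decode($stored, true);
    if ($sealed === false) {
        return false; // not valid base64
    }
    try {
        return sodium_crypto_box_seal_open($sealed, $keypair);
    } catch (Exception $e) {
        return false; // treat library errors (e.g. bad lengths) as failure
    }
}

// Constructed sample registration, not real data.
$row = ['name' => 'Jane Example', 'email' => 'jane@example.org', 'phone' => '+31 6 0000 0000'];
$stored = [];
foreach ($row as $column => $value) {
    $stored[$column] = encrypt_field($value, $publicKey);
}

// Round trip with the offline key pair.
var_dump(decrypt_field($stored['email'], $keypair) === $row['email']);

// Failure mode: a modified ciphertext is rejected, not silently decoded.
$raw = base64_decode($stored['email']);
$raw[10] = chr(ord($raw[10]) ^ 1);
var_dump(decrypt_field(base64_encode($raw), $keypair));
```

Sealed boxes protect the stored values only: anyone holding the public key can produce valid ciphertexts, and the PHP process still sees each field in plaintext at the moment it is submitted.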
