Encrypt s3 credentials in the database, don’t show to user at all

as a licensed user since 2014, the biggest issues is that I have to create a separate bucket for each client, because the s3 credentials are not store in encrypted format. I would imagine it would very little effort to add this feature. Ideally, I’d like to put customers in their own folders within a single bucket. This means a single set of aws credentials that once entered cannot be retrieved.

2nd option is to encrypt the keys when we lock the updraft controls.

I think a lot of people will be happy with this update

twitterlinkedinFacebook

1 Comment

  1. udadmin

    Hi,

    Thank you for using UpdraftPlus! Can you explain what you mean by encrypting the key? Obviously, any key has to be in a form that can be accessed in its original form, because otherwise it can’t be used (since it’s only the original form that can be used to communicate with Amazon). So, you mean reversible encryption. But if it’s reversible encryption, then any WordPress administrator (who, by the nature of things, has access to a full backup of *everything* in your WordPress site) has access to the things needed to decrypt it. There is no form of encryption logically possible in which a plugin can decrypt something but a human with access to the same data can’t.

    It’s possible and normal to create keys that can only access a sub-path of a bucket, not the whole bucket. i.e. When you say you’re having to create one bucket per user, that’s a misunderstand of S3 bucket policies. Here’s an example of the sort of policy to use to restrict a key to a sub-path of a bucket: https://aws.amazon.com/blogs/security/writing-iam-policies-grant-access-to-user-specific-folders-in-an-amazon-s3-bucket/

    David

Submit a Comment