protecting mysql database from web host

[paragsm]

I want to protect my mysql database from my website host (I am on shared hosting). They should not be able to see the database.
As far as PHP scripts are concerned I understand that using the Zend or another encoder will protect the source code from even the host.
What can be done to encode/decode OR crypt the entire mysql database so that it is useless to the host.
Please give your expert opinion.

Will the following solution work:

Using mcrypt to encrypt / decrypt all the data in the database. Using XML-RPC to store the key to the encryption on another website (different host). Also the database dump is emailed daily to keep a latest copy.

Regards,
Parag

[silent]

If you don't trust your host to not "look into" your database, then perhaps it's time for another host? Either that or running a co-lo or a dedicated box with root rights... That way you can set up your own MySQL server with your own users and reset the root MySQL user password...

[paragsm]

Thanks for the reply. Will a VPS (Virtual Private Server) serve the purpose?

If you don't trust your host to not "look into" your database, then perhaps it's time for another host? Either that or running a co-lo or a dedicated box with root rights... That way you can set up your own MySQL server with your own users and reset the root MySQL user password...

[silent]

Thanks for the reply. Will a VPS (Virtual Private Server) serve the purpose?

Well, if your concern is about your host looking into you database, the VPS solution won't solve anything. That's really just another name for shared hosting, IMHO. The issue you need to solve is your trust of your ISP. You need to find a host you can trust. If it's not the ISP, but the other customers on your shared server that you don't trust (and I wouldn't either...), then you need to investigate how your host protects your data from the other customers.

Truly the only "real" security I know of would be to have a co-located server (meaning: you have the box at your location and simply use their network for bandwidth. I [b]highly[/] discourage this option unless you REALLY know what your doing, because you will be in charge of replacing hardware, security updates, and server management. Plus, this is an expensive option.

If you don't have that experience or those resources (and most of us don't ...), I would stick to researching a reliable and trustworthy host.

HTH,

jay

[samsm]

If the host has the right to physically access the server for maintenance, they also have the ability (potentially) to read everything on it that is not encrypted. In fact, they have the ability to read the stuff that's encrypted too, it just won't be of any use to them unless they unencrypt it.

You could encrypt everything that goes in and out of the database... but that could be a bit of a processor strain. Might not be so bad if you isolate the sensitive information and just encrypt that. It would be interesting to know if there is a MySQL extension or feature for this sort of thing.