An extremely important and justified question! Plugins created by me, in which personal or confidential data is entered, always contain a method for securely storing this data in encrypted form. Let me briefly describe this in more detail.
Preliminary remark
This is not about creating backups. The topic of this article is a description of how plugins developed by me handle data worthy of protection. As the website operator, you are responsible for backing up your website's data.
Basic ideas
There are various methods for implementing encryption. The German Federal Ministry for Security has provided an article on this here: https://www.bsi.bund.de/DE/Themen/Verbraucherinnen-und-Verbraucher/Informationen-und-Empfehlungen/Cyber-Sicherheitsempfehlungen/Daten-sichern-verschluesseln-und-loeschen/Datenverschluesselung/datenverschluesselung_node.html
They recommend the use of the Advanced Encryption Standard (AES), which according to current knowledge is the way to go. However, this alone is not enough, as you should not only think about the encryption method, but also about where the necessary key is stored.
Use in my plugins
Each of my plugins that require this therefore contains a component that is based on PHPPHP PHP is a scripting language with a syntax based on C and Perl, which is mainly used to create dynamic websites or web applications. https://de.wikipedia.org/wiki/PHP-The OpenSSL server provides encryption according to AES. In hosting where OpenSSL is available, this is also used. If OpenSSL is not available, Sodium is used. The encrypted data is stored in WordPress' own database.
Keys are required for both procedures. These are neither stored in my plugin files nor in the project database, but in the wp-config.php from the project. Should the wp-config.php cannot be written to, a must-use plugin is created that contains the key.
This means that the encrypted data and the key for decryption are logically separated. According to my research, this corresponds to the standard ISO/IEC 27002.
Advantages of this route
Unlike other solutions, the user of the plugin does not have to worry about this protection. My plugins do this fully automatically in the background. This means that there is literally no effort required to set it up.
Disadvantages
Of course, we also have to talk about the disadvantages. If the key is lost, the encrypted data can no longer be decrypted. The website operator should therefore make sure that the wp-config.php and/or include the must-use plugin in his data backup. This is the only way he can restore the key used and access his data in the event of unexpected problems with one of the files.
Interested?
The code for the above is included as a GPL license in the respective free plugins. An example can be found here: https://github.com/threadi/wp-personio-integration-light/blob/master/app/Plugin/Crypt.php
If you have any questions, please contact me 🙂
Leave a Reply