comment on

The question is how do I best secure the database itself?

There is no universal answer since it depends on what you are securing the database from. (What is your threat model?)

Not serving the database file itself for everyone to download as a static file is a great first measure. But what is the password supposed to protect from? Other users on the same server? That should be handled by file ownership and permissions provided by the operating system. Hackers with access to files belonging to the web server? They would just read the password from the same place the web server reads it from to serve the database content.

Nevertheless, if you do have a use for database encryption and you don't have the budget for $2000 SEE, another option to consider is free SQLCipher.

In reply to Re: How to secure SQLite3 in Windows IIS CGI by aitap
in thread How to secure SQLite3 in Windows IIS CGI by RedJeep

Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!

Titles consisting of a single word are discouraged, and in most cases are disallowed outright.

Read Where should I post X? if you're not absolutely sure you're posting in the right place.

Please read these before you post! —

Posts may use any of the Perl Monks Approved HTML tags:

a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr

You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)

	For:		Use:
	&		`&`
	<		`<`
	>		`>`
	[		`[`
	]		`]`

Link using PerlMonks shortcuts! What shortcuts can I use for linking?

See Writeup Formatting Tips and other pages linked from there for more info.