Title: Secure DB Connection
Author: hypertextranch
Published: <strong>2016年8月21日</strong>
Last modified: 2018年7月8日

---

プラグインを検索

このプラグインは **WordPress の最新3回のメジャーリリースに対してテストされていま
せん**。もうメンテナンスやサポートがされていないかもしれず、最新バージョンの WordPress
で使用した場合は互換性の問題が発生する可能性があります。

![](https://ps.w.org/secure-db-connection/assets/icon-256x256.png?rev=1905585)

# Secure DB Connection

 作者: [hypertextranch](https://profiles.wordpress.org/hypertextranch/)

[ダウンロード](https://downloads.wordpress.org/plugin/secure-db-connection.1.1.6.zip)

 * [詳細](https://ja.wordpress.org/plugins/secure-db-connection/#description)
 * [レビュー](https://ja.wordpress.org/plugins/secure-db-connection/#reviews)
 *  [インストール](https://ja.wordpress.org/plugins/secure-db-connection/#installation)
 * [開発](https://ja.wordpress.org/plugins/secure-db-connection/#developers)

 [サポート](https://wordpress.org/support/plugin/secure-db-connection/)

## 説明

Depending on the MySQL server setup the SSL certs used may not be in the trusted
store, if that’s the case `mysqli_ssl_set()` needs to be called to set custom keys
and certs before connect. This Plugin adds a custom DB class that allows these settings
to be configured via custom constants.

This plugin will also add a custom item on the “At a Glance” section of the Dashboard
to show if the `$wpdb` connection is secure or not.

Also find me on [GitHub](https://github.com/xyu/secure-db-connection).

## スクリーンショット

 * [[
 * An at a glance item is added showing the status of the MySQL connection when 
   this plugin is activated. If the connection is encrypted the SSL version and 
   cipher used will also be shown.

## インストール

For detailed installation instructions, please read the [standard installation procedure for WordPress plugins](https://codex.wordpress.org/Managing_Plugins#Installing_Plugins).

 1. Install and activate plugin, if the filesystem is writable the Secure DB Connection
    dropin will be installed for you automatically. If not proceed to step 2
 2. Symlink or copy the `db.php` file from the `/wp-content/plugins/secure-db-connection/
    lib/` directory to the `/wp-content/` directory.
 3. Set the relevant defines in your `wp-config.php` file.

#### Configuration Parameters

To adjust the configuration, define any of the following applicable constants in
your `wp-config.php` file.

 * `MYSQL_SSL_KEY` [default: not set]
 * The path name to the key file. (RSA Key)
 * `MYSQL_SSL_CERT` [default: not set]
 * The path name to the certificate file.
 * `MYSQL_SSL_CA` [default: not set]
 * The path name to the certificate authority file in PEM format.
 * `MYSQL_SSL_CA_PATH` [default: not set]
 * The pathname to a directory that contains trusted SSL CA certificates in PEM 
   format.
 * `MYSQL_SSL_CIPHER` [default: not set]
 * A list of allowable ciphers to use for SSL encryption. You can leave this blank
   if you want to just use the strongest available.

#### Turning on SSL

First please note, only the `mysqli` (MySQL Improved) extension is supported this
is the default extension used by WordPress however if you do not have the extension
installed WordPress will fallback on the much older mysql extension which does not
support secure connections.

Depending on your database configuration you may not need to set all the available
options. For example when connecting to RDS Amazon helpfully provides a certificate
bundle so once that’s downloaded to the server all that’s need is to set the CA 
option:

    ```
    define(
      'MYSQL_SSL_CA',
      '/path/to/rds-combined-ca-bundle.pem'
    );
    ```

Once SSL keys / certs have been configured you via the defines above define an WP
core constant to pass a use SSL flag to the mysqli client also in your `wp-config.
php` file.

    ```
    define(
      'MYSQL_CLIENT_FLAGS',
      MYSQLI_CLIENT_SSL
    );
    ```

If you are using the MySQL Native Driver and MySQL 5.6 or later `mysqli_real_connect()`
will verify the server SSL certificate before connecting. If the SSL cert installed
on the MySQL server your are connecting to is not valid PHP will refuse to connect.
A flag was added to disable server certificate validation. If your server has an
invalid certificate turn on SSL and turn off validation like so:

    ```
    define(
      'MYSQL_CLIENT_FLAGS',
       MYSQLI_CLIENT_SSL |
       MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT
    );
    ```

#### Example Config

Aside from setting the normal MySQL connection parameters the minimum configs to
get SSL connections to the database will look something like this in `wp-config.
php`:

    ```
    define( 'MYSQL_SSL_CA', '/path/to/ca-bundle.pem' );
    define( 'MYSQL_CLIENT_FLAGS', MYSQLI_CLIENT_SSL );
    ```

## FAQ

  Installation Instructions

For detailed installation instructions, please read the [standard installation procedure for WordPress plugins](https://codex.wordpress.org/Managing_Plugins#Installing_Plugins).

 1. Install and activate plugin, if the filesystem is writable the Secure DB Connection
    dropin will be installed for you automatically. If not proceed to step 2
 2. Symlink or copy the `db.php` file from the `/wp-content/plugins/secure-db-connection/
    lib/` directory to the `/wp-content/` directory.
 3. Set the relevant defines in your `wp-config.php` file.

#### Configuration Parameters

To adjust the configuration, define any of the following applicable constants in
your `wp-config.php` file.

 * `MYSQL_SSL_KEY` [default: not set]
 * The path name to the key file. (RSA Key)
 * `MYSQL_SSL_CERT` [default: not set]
 * The path name to the certificate file.
 * `MYSQL_SSL_CA` [default: not set]
 * The path name to the certificate authority file in PEM format.
 * `MYSQL_SSL_CA_PATH` [default: not set]
 * The pathname to a directory that contains trusted SSL CA certificates in PEM 
   format.
 * `MYSQL_SSL_CIPHER` [default: not set]
 * A list of allowable ciphers to use for SSL encryption. You can leave this blank
   if you want to just use the strongest available.

#### Turning on SSL

First please note, only the `mysqli` (MySQL Improved) extension is supported this
is the default extension used by WordPress however if you do not have the extension
installed WordPress will fallback on the much older mysql extension which does not
support secure connections.

Depending on your database configuration you may not need to set all the available
options. For example when connecting to RDS Amazon helpfully provides a certificate
bundle so once that’s downloaded to the server all that’s need is to set the CA 
option:

    ```
    define(
      'MYSQL_SSL_CA',
      '/path/to/rds-combined-ca-bundle.pem'
    );
    ```

Once SSL keys / certs have been configured you via the defines above define an WP
core constant to pass a use SSL flag to the mysqli client also in your `wp-config.
php` file.

    ```
    define(
      'MYSQL_CLIENT_FLAGS',
      MYSQLI_CLIENT_SSL
    );
    ```

If you are using the MySQL Native Driver and MySQL 5.6 or later `mysqli_real_connect()`
will verify the server SSL certificate before connecting. If the SSL cert installed
on the MySQL server your are connecting to is not valid PHP will refuse to connect.
A flag was added to disable server certificate validation. If your server has an
invalid certificate turn on SSL and turn off validation like so:

    ```
    define(
      'MYSQL_CLIENT_FLAGS',
       MYSQLI_CLIENT_SSL |
       MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT
    );
    ```

#### Example Config

Aside from setting the normal MySQL connection parameters the minimum configs to
get SSL connections to the database will look something like this in `wp-config.
php`:

    ```
    define( 'MYSQL_SSL_CA', '/path/to/ca-bundle.pem' );
    define( 'MYSQL_CLIENT_FLAGS', MYSQLI_CLIENT_SSL );
    ```

## 評価

![](https://secure.gravatar.com/avatar/57c0527248cb033a796a4c05c147127d6e4ec01c397ee3e2ded7ddfa4b2f9d2a?
s=60&d=retro&r=g)

### 󠀁[Still working in 2023](https://wordpress.org/support/topic/still-working-in-2023-2/)󠁿

 [drinkmaker](https://profiles.wordpress.org/drinkmaker/) 2023年1月9日

The plugin has not been updated for a long time, but it still works!

![](https://secure.gravatar.com/avatar/50df8a4e9adf58d3e403176b9052a16ce23fa5a938e348942cb537f7e64770e3?
s=60&d=retro&r=g)

### 󠀁[Fantastic, works like a charm.](https://wordpress.org/support/topic/fantastic-works-like-a-charm/)󠁿

 [aberbenni](https://profiles.wordpress.org/aberbenni/) 2018年5月23日

Please add this to WP Core in 5.x!

![](https://secure.gravatar.com/avatar/f8d05a49b3a1b0d559c137f3355125b376f4b3e06d54810ff9929762b88a998f?
s=60&d=retro&r=g)

### 󠀁[Works Well](https://wordpress.org/support/topic/works-well-1094/)󠁿

 [Cato](https://profiles.wordpress.org/wp-cato/) 2017年6月23日

This works well and avoids the need to directly modify wp-db.php. Code is also well
written.

 [ 2件のレビューをすべて表示 ](https://wordpress.org/support/plugin/secure-db-connection/reviews/)

## 貢献者と開発者

Secure DB Connection はオープンソースソフトウェアです。以下の人々がこのプラグイン
に貢献しています。

貢献者

 *   [ hypertextranch ](https://profiles.wordpress.org/hypertextranch/)

[“Secure DB Connection” をあなたの言語に翻訳しましょう。](https://translate.wordpress.org/projects/wp-plugins/secure-db-connection)

### 開発に興味がありますか ?

[コードを閲覧](https://plugins.trac.wordpress.org/browser/secure-db-connection/)
するか、[SVN リポジトリ](https://plugins.svn.wordpress.org/secure-db-connection/)
をチェックするか、[開発ログ](https://plugins.trac.wordpress.org/log/secure-db-connection/)
を [RSS](https://plugins.trac.wordpress.org/log/secure-db-connection/?limit=100&mode=stop_on_copy&format=rss)
で購読してみてください。

## 変更履歴

#### 1.1.6

 * Cleanup GitHub repo, remove screenshot image
 * Minor code cleanup

#### 1.1.5

 * PHP backwards compatibility with versions prior to 5.5
 * Syncs DB connect code with WP Core 4.9 (Fixes https://core.trac.wordpress.org/
   ticket/41722)

#### 1.1.4

 * Update version numbers in file headers.

#### 1.1.3

 * Better PHP backwards compatibility.

#### 1.1.2

 * Only set MySQL SSL opts if secure connections are requested.

#### 1.1.1

 * Retag release to fix version inconsistency

#### 1.1.0

 * Fix status message for when DB connection is not SSL enabled
 * Automatically install and remove db.php dropin on activate / deactivate
 * Check and report status of dropin
 * Add i18n support

#### 1.0

 * Initial release

## メタ

 *  バージョン **1.1.5**
 *  最終更新日 **8年前**
 *  有効インストール数 **100+**
 *  WordPress バージョン ** 4.9またはそれ以降 **
 *  検証済み最新バージョン: **4.9.29**
 *  PHP バージョン ** 5.2.4またはそれ以降 **
 *  言語
 * [English (US)](https://wordpress.org/plugins/secure-db-connection/)
 * タグ
 * [db](https://ja.wordpress.org/plugins/tags/db/)[encrypted](https://ja.wordpress.org/plugins/tags/encrypted/)
   [mysql](https://ja.wordpress.org/plugins/tags/mysql/)[secure](https://ja.wordpress.org/plugins/tags/secure/)
   [ssl](https://ja.wordpress.org/plugins/tags/ssl/)
 *  [詳細を表示](https://ja.wordpress.org/plugins/secure-db-connection/advanced/)

## 評価

 5つ星中5つ星

 *  [  3 5-星レビュー     ](https://wordpress.org/support/plugin/secure-db-connection/reviews/?filter=5)
 *  [  0 4-星レビュー     ](https://wordpress.org/support/plugin/secure-db-connection/reviews/?filter=4)
 *  [  0 3-星レビュー     ](https://wordpress.org/support/plugin/secure-db-connection/reviews/?filter=3)
 *  [  0 2-星レビュー     ](https://wordpress.org/support/plugin/secure-db-connection/reviews/?filter=2)
 *  [  0 1-星レビュー     ](https://wordpress.org/support/plugin/secure-db-connection/reviews/?filter=1)

[Your review](https://wordpress.org/support/plugin/secure-db-connection/reviews/#new-post)

[すべてのレビューを見る](https://wordpress.org/support/plugin/secure-db-connection/reviews/)

## 貢献者

 *   [ hypertextranch ](https://profiles.wordpress.org/hypertextranch/)

## サポート

意見や質問がありますか ?

 [サポートフォーラムを表示](https://wordpress.org/support/plugin/secure-db-connection/)

## 寄付

このプラグインが今後も改善できるよう応援しませんか ?

 [ このプラグインに寄付 ](https://cash.me/$xyu)