Thanks Insite. Lots of good info in there. It would take me a year or longer to do all the things it mentions. I guess the goal would be to pick the 5 most important ones, and fix those. What are the five most important?
Anyway, I am in the middle of Dockerizing my app and have mysql in separate container from the php 7.2. So clearly I will need to modify the way my app logs in to mysql, such as using the container name. But since I am touching this part of the code, I figured it is a good time to take my userid/password out of the code and place it somewhere more secure.
Perhaps this is a question for the Docker people? One idea is to make env variables out of them and pass them into the container in the docker-compose.yml?
proof that an old dog can learn new tricks