G'day Is there anything stopping my host technitians from looking through the amember database? I'm gathering since they have root access, they can see what the password to amember's database is from config.inc.php Any solutions to this?
You are correct that there are a couple of ways your data is vulnerable. 1) if they have access to the dB through other means (super admin) 2) if they have access to your files in a higher privileged state they can use the credentials in your config.inc.php to access the Db. My perspective is that if you do not trust your host / technicians I would suggest hosting somewhere else.
I love my host (hostgator). they give amazing support. I'm not so paranoid anyway. Perhaps a crude monitoring solution could be to have some kind of logging mechanism which emailed a "history" of commands.