[pmwiki-devel] encrypted pagestore?

[Ben Stallings]

I'm setting up a wiki for a client who is very concerned about his 
information remaining secure... the site will only be accessible via 
SSL, and only to logged-in users who have previously passed a security 
check.

The trouble is, the site is hosted on a GoDaddy shared server, where the 
only way to access the files is FTP.  I'm concerned that the FTP 
password could be intercepted and all the stored data -- which is 
unencrypted on the server -- downloaded in minutes.  I just got off the 
phone with GoDaddy, and setting up SCP or SFTP is not an option for 
their shared servers, only for the virtual private ones which cost 3x 
more.  So we're looking at changing the FTP password each time we use 
it, which is a hassle and doesn't protect the actual data from being 
intercepted during FTP transfer, should the client want to back it up 
off-site.  Clearly if he is serious about security, a different host or 
the more expensive hosting account is the only real solution, and I'll 
advise him of that.

However... my question is, has anyone looked into writing an encrypted 
pagestore, so that if wiki page files were downloaded or intercepted it 
would not be immediately obvious what they were or how to decrypt them? 
  I'm not very knowledgeable about encryption... what routine would be 
most useful for such a purpose?  Is this even a worthwhile venture?

Thanks in advance!  --Ben