Server/Security Question
- Started
- Last post
- 3 Responses
- NegativeSpace
A company I do print and some website design work wants to make a registered users only area of their website. But they want the information to be stored on a secure server because some of the info is sensitive (not credit cards or anything). I was hesistant to do it because I normally don't do much work like that (basic php stuff is about as far as I go usually). They were told that the secure element of the site is as simple as purchasing a certificate and making the urls https://
Can anyone confirm this or point me to some resources that could help me learn how to handle this sort of thing?
Thanks.
- QuincyArcher0
well...it's not THAT simple, but it's not particularly difficult either.
what you're talking about are SSL's. You can buy them from either Verisign, or Network Solutions.
there are other things you can do to secure the site as well. like using SQL stored procedures instead of writing out SQL commands in the PHP code.
Security is heavily dependant upon the server, and how the site is set up, though. you're asking a bit of an openended question...
- NegativeSpace0
I suspected there was some scripting aspect of some sort that had to do with the security, like you mentioned that there was a way to do operations local to mysql. Thats why I was hesitant to do it.
They are getting a new host, so they could essentially go with whatever options they needed at this point. i wish I knew more about this stuff but what sort of things would you recommend having setup.
- UndoUndo0
on linux htaccess is a very good and simple way of securing the server and its directories and files.
from my experience SSl attract attention, so if its not absolutely necessary consider using htaccess and htpassword files. hosts often given really simple setup solutions for these (mt do)