Sorry, it was late at night. I'm glad you have the SSL and everything
else already taken care of.
What I meant was for you to build your own session system, so that it is
secure, instead of using PHP's built in session system. Someone once
said that it has a 1% chance of cleaning up the session
Thanks Bahwi,
I agree with you regarding the client-side aspect.
But since we are talking about a regular web-based
application in php I think I will have to deal with
that.
The other security concerns are already addressed,
such as the use of SLL to encrypt the traffic and
possibly the use of a
Sorry, OpenSSL is base in FreeBSD, so I didn't have to set it up myself.
You can check www.openssl.org and www.apache.org. You still have to buy
a cert though. For that, try:
www.verisign.com
and www.instantssl.com --- seems alot cheaper, no experience with them
however
But chances are your be
Would u teach me how to setup the OpenSSL and the engine for the apache web
server in order to achieve the 128 bits SSL protection?
Actually, I have tried so many times but still failed to do so...
First of all, there were errors occurred when I compiled the Openssl engine,
It seemed looking for a
That's a big question.
The most secure way, using either mcrypt or PGP, is to have an
application on the client's side that does the encryption and the
decryptiong. This is probably the best solution. Heavily encrypt things
on both sides, and this assumes the client side is secure.
Barring thi
Hi,
I need to develop an application where the protection
of the data (to be stored on a database) should be
very important (perhaps the principal requirement).
THe goal is to have the data stored in a way that even
the admin or anyone that hacks the web and/or database
server could not (or easil
6 matches
Mail list logo
