Site security

A

Anonymous

Guest
I need to build a site in PHP with the maximum allowed security.
I know how to manage sessions, security problems regarding $_GLOBALS variables (commented in php.net) and so on, but I don't know if it is enough.
I don't find in php.net (neither in google) anything about https:// (secure http) in PHP.
Does PHP allow it?
How can I learn about it?
I guess this is the correct forum to make this post.

Thanks in advance.
 
its Apache that has to allow it, not php: php will work with anything..
you simply need to enable mod_ssl and have an SSL certficate to be able to run in HTTPS mode..
 
Alexei Kubarev said:
its Apache that has to allow it, not php: php will work with anything..
you simply need to enable mod_ssl and have an SSL certficate to be able to run in HTTPS mode..
Click to expand...

Where can I learn to do that?


Thanks for your answer.
 
http://httpd.apache.org
Go to documentation => mod_ssl

http://www.openssl.org

Note that SSL certificate is not free of charge.
Self generated SSL certificates are free but will show a warning dialog to the user..
 
you need to tell your hosting provider about SSL website, and then you'll need to have a certificate issued from the CA (Certificate Authority) like Verisign, Thwate, etc.
 
It really is important to be able to implement a very tight security for your pages as the last thing you would want to deal with would include private data being available out to the open.

While security is a dynamic and evolving technology, that makes way for you always employing new and strict techniques to save your system.
 
Adjusting your php.ini file can effect security also.

Flick through there and google anything you don't understand on it.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
14 Year Old Programmer & Graphic Artist, Confident and Courageous
 
There are also some software that can scan your site for security holes, I can recommend some if you need.
 
You must log in or register to reply here.
Back
Top