
website security

134 100+
Hello,

I am trying to create a website with strong security.

I know I need a hash for my login system and I need to protect every webpage against SQL injection. But do you know any other types of protection which I should consider and which you recommend to use?

And for the hash, which way of encryption can you recommend? (I would highly appreciate a tutorial on how to make sure the encrypt/decrypt system works properly.)

To make some things clear, I am going to sell some stuff on it; that's why I need strong security.

Thanks in advance
Sep 21 '11 #1
3 1142
Rabbit
12,516 Expert Mod 8TB
If you're new to website security and you are trying to implement an e-commerce solution, I strongly suggest you use an open source solution such as Zen Cart.

Trying to create a solution from scratch when you don't know the concepts yet is asking for trouble. I can see attempting something of this magnitude for learning purposes where you're not actually using confidential data, but to attempt to do so with live data is risky.
Sep 21 '11 #2
michaeldebruin
134 100+
I know all the risks and stuff like that, and I am also not saying that the website is going online. I just want to make a website to practice, so I know I can make one with very strong security.
So please tell me if you know some answers to my question.
Sep 22 '11 #3
Rabbit
12,516 Expert Mod 8TB
Well, you'll want to use HTTPS for all the communication between the client and the server. As for the password, yes, you'll want to store the hash and not the plain text. MD5 is a popular algorithm but it is no longer recommended. I am partial to SHA2 myself. I learned to implement that from the pseudocode on the Wikipedia page. It also has a couple of hash results that you can use to check if your implementation is correct. Having said that, PHP has hash functions built in so there's no need to implement your own.
Sep 22 '11 #4
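
The points raised in this thread (store a hash instead of the plain text, use PHP's built-in hash functions, check them against a published digest, and guard against SQL injection), as an added example that is not part of any post above. It goes one step beyond the thread by storing the password with PHP's `password_hash()` (salted and deliberately slow) rather than a bare SHA-2 digest. The table name, function names and the in-memory SQLite database are assumptions made for illustration, and the pdo_sqlite extension is assumed to be available.

```php
<?php
// Added example, not from the thread. Table and function names are hypothetical.

// 1. Check the built-in SHA-256 against the published digest of the empty string.
$expected = 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855';
if (!hash_equals($expected, hash('sha256', ''))) {
    throw new RuntimeException('SHA-256 self-check failed');
}

// 2. An in-memory SQLite database stands in for the real one (assumes pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (name TEXT PRIMARY KEY, pw_hash TEXT NOT NULL)');

function register(PDO $db, string $name, string $password): void
{
    // password_hash() picks a random salt and embeds it, with the cost, in the result.
    $hash = password_hash($password, PASSWORD_DEFAULT);
    // Placeholders keep user input out of the SQL text.
    $stmt = $db->prepare('INSERT INTO users (name, pw_hash) VALUES (?, ?)');
    $stmt->execute([$name, $hash]);
}

function login(PDO $db, string $name, string $password): bool
{
    $stmt = $db->prepare('SELECT pw_hash FROM users WHERE name = ?');
    $stmt->execute([$name]);
    $hash = $stmt->fetchColumn();
    if ($hash === false) {
        return false; // no such user
    }
    // password_verify() re-derives the hash from the stored salt and compares safely.
    return password_verify($password, $hash);
}

// Constructed sample credentials.
register($db, 'alice', 'correct horse battery staple');
var_dump(login($db, 'alice', 'correct horse battery staple')); // right password
var_dump(login($db, 'alice', 'wrong'));                        // wrong password
var_dump(login($db, "' OR '1'='1", 'x')); // bound as a literal name, not as SQL
```

There is no decrypt step: a password hash is one-way, so login verifies the submitted password against the stored hash instead of recovering the original.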
