Jump to content

Archived

This topic is now archived and is closed to further replies.

hostfreak

Security Suggestions

Recommended Posts

I am just wondering the bare minimum security steps that should be taken to prevent the numerous security issues involving a php/mysql system. I am aware of the basics/more advance etc, but the system I am making will be handling ssn #'s, license numbers etc. So I know I need to look into ssl? Any resources to more information on that would be grateful. The system will only be accessible to authorized users, so I don't think user input besides the login is much of a concern security wise. I will be using sessions, cookies etc. I know this is such a broad question, I am not really looking for anything specific. Just advice concerning the issue of security I guess. More so for a system that handles ssn #'s etc. Any advice, resources etc are greatly appreciated. Thanks in advance.

Share this post


Link to post
Share on other sites
Definitely use SSL. And I believe you would also need to look into Federal Laws and liablity when dealing with SSN's.....

Create an encryption method using keywords that you define as part of the encryption, before storing them in the database. Then reverse this process when retrieving them. Write the encryption class in it's own file and use something like Zend encoder to encode that file. :-)

Share this post


Link to post
Share on other sites
Thanks so far. I will look into the laws around here. Do you know of any good resources for ssl? Isn't is possible to make your own ssl cert. instead of buying one?

Share this post


Link to post
Share on other sites
Sorry to bump this thread, but I was wondering if anyone else had any other suggestions? That and the board seems to be going a little slow right now (not many new threads) :) so figured might as well bring this back up.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.