Secure website..

Ask about a PHP problem here.
Post Reply
wizzuriz
Posts: 53
Joined: Mon Jul 25, 2011 4:22 pm

Secure website..

Post by wizzuriz »

Hello jacek,

I see that you sell a Advanced PHP Protection and I was thinking of buying it, however I would like to know if you could tell me If I should combine it with the session management to prevent session replay attacks.

I could ask in a different way also, What would you recommend If I want to set up a very secure website until I can afford SSL.

I would need 5 profiles types, where 1 is super admin 2 is admin, 3 is moderator, 4 is user type 1 and 5 is user type 2.

Please let me know what you would recommend, or even better what it would cost to have to make a very secure system if you possess the skills to make such a system...

best regards
Wizzuriz
LiquidFusi0n
Posts: 9
Joined: Sun Oct 02, 2011 1:12 am

Re: Secure website..

Post by LiquidFusi0n »

I personally would recommend coding it yourself (I haven't seen Jacek's secure system, but I imagine its a steal for the price).

Also SSL is not really the end of the world, the chances of a website trying to pretend to be you are slim (In most cases). And on the encryption side it has no benefit, anyone with some skills and SSLStrip on your clients local network can defeat the encryption.

I hope this helps, maybe look into a popular CMS and modify it, word press for example. :)

--LiquidFusi0n
User avatar
jacek
Site Admin
Posts: 3262
Joined: Thu May 05, 2011 1:45 pm
Location: UK
Contact:

Re: Secure website..

Post by jacek »

LiquidFusi0n wrote:I hope this helps, maybe look into a popular CMS and modify it, word press for example. :)
:!:

It's a hard question to answer, I think that the best thing to say is that to make it secure, you just need to not make is insecure. So be careful with your coding and user data and you should be fine.

Do you have any more specific examples / questions ?
Image
User avatar
EcazS
Posts: 789
Joined: Fri May 06, 2011 5:29 pm

Re: Secure website..

Post by EcazS »

Whatever you do, don't use Wordpress.
Post Reply