Secure website..

[wizzuriz]

Hello jacek,

I see that you sell a Advanced PHP Protection and I was thinking of buying it, however I would like to know if you could tell me If I should combine it with the session management to prevent session replay attacks.

I could ask in a different way also, What would you recommend If I want to set up a very secure website until I can afford SSL.

I would need 5 profiles types, where 1 is super admin 2 is admin, 3 is moderator, 4 is user type 1 and 5 is user type 2.

Please let me know what you would recommend, or even better what it would cost to have to make a very secure system if you possess the skills to make such a system...

best regards
Wizzuriz

[LiquidFusi0n]

I personally would recommend coding it yourself (I haven't seen Jacek's secure system, but I imagine its a steal for the price).

Also SSL is not really the end of the world, the chances of a website trying to pretend to be you are slim (In most cases). And on the encryption side it has no benefit, anyone with some skills and SSLStrip on your clients local network can defeat the encryption.

I hope this helps, maybe look into a popular CMS and modify it, word press for example.

--LiquidFusi0n

[jacek]

I hope this helps, maybe look into a popular CMS and modify it, word press for example.

It's a hard question to answer, I think that the best thing to say is that to make it secure, you just need to not make is insecure. So be careful with your coding and user data and you should be fine.

Do you have any more specific examples / questions ?

[EcazS]

Whatever you do, don't use Wordpress.