PHP - Passing data from a site to another site securely

后端 未结 3 1479
走了就别回头了
走了就别回头了 2021-02-06 06:20

I have a site that can take requests from multiple sites. Sort of like a upgrade check. These sites will send info like user names, passwords, app version etc, then my site will

3条回答
  •  情歌与酒
    2021-02-06 06:55

    Security trough obscurity does not work, and using POST in stead of GET only makes the information slightly harder to snatch up if you're actually looking the user over the shoulder.

    The real issue here is preventing people from intercepting the traffic in transit between the servers. The only way to deal with that is encryption, such as SSL. It's a good idea to always try to use SSL when you're transmitting sensitive information like passwords. This can be slightly harder to implement, but it's definitely worth it in terms of security.

    However, the best way to keep sensitive data from being snatched up is to not transmit it in the first place. Consider whether it's an option to have your application check for updates without transmitting a password. If an update is available you can send the user to a webpage using HTTPS to download the update, which saves you the trouble of implementing SSL yourself.

提交回复
热议问题