Joshua Ginsberg
listspam at flowtheory.net
Tue Apr 25 19:14:47 EDT 2006
> Ironclad. I collect a lot of personal information about people
> (including myself) and I don't want anybody else gaining access to
> that.

My suggestion then is that you encrypt in your database the personal information about people where the key is the SHA1 digest of the user's password. Make sure, of course, when you store their password, it is stored using a different family of hashing algorithm. Then when you need access to their personal information (e.g. credit card information) prompt them for their password again and use it to decrypt their record. This is not entirely bulletproof -- anybody who can inspect the running memory on your server can find this information -- but if your server is 0wn3d you're pretty hosed anyway.

> Login over https, send two cookies, each with a signed SID, one cookie
> with secure enabled. Set the secure cookie with the path (say /secure)
> where everything needs to be done with https.

Generally good practice. It takes some care to ensure that possession of the insecure SID does not gain the user access to the secure SID or any information that the secure SID is required for.

> One thing I'd love to know how to do though, is make sure all links
> pointing to the /secure directory use https. I use purely relative
> links inside my website because it makes moving code from development
> server to production server and back really easy. Probably you could
> do it with mod_rewrite.

Investigate the SSLRequireSSL directive.

-jag
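An added illustration of the "encrypt the record under the user's password, store the login hash with a different algorithm" approach (example code, not from the post or the list). It swaps the raw SHA1 digest for PBKDF2-HMAC-SHA256 over a per-record salt, uses HMAC-SHA256 as a PRF in counter mode with an encrypt-then-MAC tag as a dependency-free stand-in for a vetted AEAD, and derives the login verifier from a different hash family (SHA-512) with its own salt so it cannot double as the record key.

```python
import hashlib
import hmac
import os

# Constructed example, not code from the post. Cipher: HMAC-SHA256 as a PRF in
# counter mode plus an encrypt-then-MAC tag, so a wrong password or a tampered
# record is rejected. Real deployments should use AES-GCM from `cryptography`.
ROUNDS = 100_000

def derive_keys(password: str, salt: bytes):
    """Independent encryption and MAC keys from the password and a per-record salt."""
    km = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS, dklen=64)
    return km[:32], km[32:]

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hmac.new(key, nonce + block.to_bytes(8, "big"), hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])

def encrypt_record(password: str, plaintext: bytes) -> bytes:
    """Return salt || nonce || ciphertext || tag for one user's record."""
    salt, nonce = os.urandom(16), os.urandom(16)
    enc_key, mac_key = derive_keys(password, salt)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    return salt + nonce + ct + tag

def decrypt_record(password: str, blob: bytes):
    """Plaintext bytes, or None when the password is wrong or the blob was altered."""
    salt, nonce, ct, tag = blob[:16], blob[16:32], blob[32:-32], blob[-32:]
    enc_key, mac_key = derive_keys(password, salt)
    expected = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))

def make_login_hash(password: str) -> bytes:
    """Login verifier from a different hash family (SHA-512) and its own salt."""
    salt = os.urandom(16)
    return salt + hashlib.pbkdf2_hmac("sha512", password.encode(), salt, ROUNDS)

def check_login(password: str, stored: bytes) -> bool:
    salt, digest = stored[:16], stored[16:]
    candidate = hashlib.pbkdf2_hmac("sha512", password.encode(), salt, ROUNDS)
    return hmac.compare_digest(candidate, digest)
```

Because the record key is derived only from the password and a salt, the server holds it only while the user has just re-entered the password, which is the memory-exposure caveat the post mentions.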