Page 2 of 2 First 12
  • Jump to page:
    #16
  1. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Feb 2001
    Location
    USA
    Posts
    830
    Rep Power
    14

    user authentication


    Your question and suggestion are both interesting. I have no idea where the threat may be; I don't know anything about hacking, i.e. I don't really know what snooping means or consists of or anything like that. All I know is that I am programming a site for our client which will have information that is private to the client organization, so should only be accessible to members.
  2. #17
  3. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2001
    Location
    Manchester, UK
    Posts
    80
    Rep Power
    14
    hi,

    i feel that security is a big issue (hence an SSL enabled server) but at the same time, paranoia will make send me to the funny farm trying to get some basic stuff to be completely secure.

    my view point was simply what would the implications be of someone viewing (snooping) the data i am sending and receiving from the server. credit card details & personal information are secured either via SSL (for web) or SSH for command line access. when i am making updates to the product descriptions or anything else that is public knowledge anyway i simply use the "alternative" port method.

    so, for members only access i guess it depends on what the members are accessing and who they are. talk it through with your client and ask them to rate the sensitivity of the data being accessed (i like the -5 to +5 scale, makes people react a little differently than 1-10 ) if it's 1 or more, go for SSL otherwise i would council against SSL simply for a less complex solution with lower costs (ongoing & support) and an easier httpd config.

    hope that helps - robert.
    Robert.
Page 2 of 2 First 12
  • Jump to page:

IMN logo majestic logo threadwatch logo seochat tools logo