Skip to content Skip to sidebar Skip to footer
Home / Android Studio / Mysql / Php / Security / Server

Protecting SQL Server For Private Usage

Post a Comment
So I have an issue. I have a server, lets call it (testserver.net). Right now, to change the database, from my application, my app runs 'testserver.net\add.php'. The problem is any

Solution 1:

create a token : 1MBASFDFACAUYTUG^%(!@UUIASNSR*_-+LASQWFVSA4QWYUI12670 ,save this token safely with in your application.

Whenever you want to call the add.php pass the token like :

testserver.net?token=1MBASFDFACAUYTUG^%(!@UUIASNSR*_-+LASQWFVSA4QWYUI12670

add.php

$secret = $_POST['secret']; //use post or get
if($secret != $mySavedSecret){
    die('intruder!!')
}

Solution 2:

Place you add.php file in separate folder and password protect it, or you may use Password protect a specific URL solution


Solution 3:

You need to perform Authentication followed by Authorization. In PHP there are many frameworks which support this.

pls check this for basic authentication

https://book.cakephp.org/2.0/en/tutorials-and-examples/blog-auth-example/auth.html

or you can use popular frameworks and follow their tutorials to perform this.

check this php micro framework Slim


Post a Comment for "Protecting SQL Server For Private Usage"