Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

how to: make my website secure

Status
Not open for further replies.
zyrag

zyrag

IS-IT--Management
Dec 4, 2002
252
PH
i'm planning to setup a website in which data from the branches will be uploaded daily. on the next day, head office will download these files for processing.
how do i make it secure, in a way that, members of both branch and head office will be the only group that can enter into the site and can access the files on it? it would be better if u could navigate me to a site which could help me understand security issues over the web.

thanks,
 
Sort by date Sort by votes
If you are planning on processing it all by hand then you could do the following:-

Give each user a login to the admin section, allow the to upload a file to the server from a form.

Give admin-user list of files on server, with link to download each file. OR create a large file by adding the contents together. "fopen +w" to append to a file.

This way is good for automatic systems

What platform are you hosting on?

Does the system creating the data have an FTP option or can you get one?

Doing something with a friend on FreeBSD server, client is automatically FTPing property info to Asserta(UK property portal), and wants it on their own website aswell. Setting up FTP accounts in BSD for upload, setting username, passwords (case sensitive) and group. See
Protecting access to home directory to user and administration group, so files can be uploaded by user and read only by system.

You could also start a cron job to archive the files off, just incase.
 
Upvote 0 Downvote
thanks to you. what makes the difference between using php through form and using ftp, in general, not just security?
 
Upvote 0 Downvote
FTP is a completely separate protocol, as such it requires other programs. If you really want security though, FTP wouldn't be the protocol of choice either, as the passwords are sent in plain text.
But, assuming that you would want to run this thing through a website, do you know the IPs/IP ranges that the branches has? If so, you could limit access to these IPs/IP ranges and all else wouldn't be allowed to view the site. //Daniel
 
Upvote 0 Downvote
what particular FTP server and client would you suggest? i'm planning to setup my server with the configuration below:

SErver:
REd Hat Linux 7.3
Apache Server 2.0.44
PHP 4.3.1
Mysql Server 4.0

client PC will be using win98 SE, i would prefer GUI ftp client if there's one, and for free.

no. of branches: 50
no. of users per branch: 5, but only 1 pc for file uploading
each branch is typically using IP addresses as 192.200.0.x.

from danielhozac:
-- But, assuming that you would want to run this thing through a website, do you know the IPs/IP ranges that the branches has? If so, you could limit access to these IPs/IP ranges and all else wouldn't be allowed to view the site.

-- Do i need to setup a company's domain and make these branch PC's members of the domain?
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

R
  • Locked
  • Question
How Can I Use MySQL To Send Data To An Email
Replies
1
Views
817
Chris Miller
Chris Miller
W
  • Locked
  • Question
how to send checked row data in php
Replies
0
Views
588
wiltang2004
W
P
  • Locked
  • Question
JPgraph - How to stop a line graph from dropping to zero?
Replies
2
Views
880
Chris Miller
Chris Miller
mervgh
  • Locked
  • Question
My own custom error handler
Replies
1
Views
625
Chris Miller
Chris Miller
rogerte
  • Locked
  • Question
How to parse associative array
Replies
13
Views
3K
Chris Miller
Chris Miller

Part and Inventory Search

Sponsor

Back
Top