But doesn't SSL seem like a small cost in the light of all the credit card fraud stories going around?
I took Matt's advice when I set up this kind of error logging for a customer a few months ago. I already had an area of the website with security in order to process credit cards, I added an admin login area there to browse error logs. I do NOT want credit card numbers leaked from any of my sites, OR my customer's Verisign password or login (which MIGHT be kept in a request variable and therefore dumped with the error logging info). Thanks Matt! I use most of your logging code also -- nice stuff. Michael Dinowitz wrote: >Email is about as secure as a standard web page is and I don't know many >people who have 'real' security for their logs, admin or the like. SSL costs. > > > >>Something you might want to consider is that, if you are emailing >>errors to yourself via cfdump, those dumps could contain info that >>you >>might be a little leery of sending free/clear over a non-secure email. >> >> > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:212052 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
