Would u teach me how to setup the OpenSSL and the engine for the apache web
server in order to achieve the 128 bits SSL protection?
Actually, I have tried so many times but still failed to do so...
First of all, there were errors occurred when I compiled the Openssl engine,
It seemed looking for a wrong file paths itself, however, I don't know how
to correct it...
Would u like to help me please? thx a lot
"Bahwi" <[EMAIL PROTECTED]> glsD
:[EMAIL PROTECTED]
> That's a big question.
>
> The most secure way, using either mcrypt or PGP, is to have an
> application on the client's side that does the encryption and the
> decryptiong. This is probably the best solution. Heavily encrypt things
> on both sides, and this assumes the client side is secure.
>
> Barring this, you're going to have holes no matter what. Especially with
> man in the middle attacks (MITM).
>
> Use SSL, 128-bit SSL. This will help the most.
>
> The next best thing is to store it in session variables, but build your
> own system perhaps, and yes, encrypt it lightly with some system and a
> system passphrase. Clean up the sessions as soon as possible. And store
> a bunch of other data in there. Perhaps store the passphrase as the
> variable 'Height' or 'Bytes' or something, and store 'Password'
> 'Passphrase' with dummy data. Not too much, you want to throw the person
> off as much as possible.
>
> Then, you need to obfuscate or preferably, encode your script so know
> one can figure out your scheme. Hope this helps some.
>
> --Joseph Guhlin
> http://www.josephguhlin.com/
> Web Programmer / Unix Consultant / PHP Programmer
>
>
>



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to