Re: Secure Java with PHP?
If you are that worried about it, use putty and tunnel the connection your self.
If you write a PHP tunnel that would only encrypt the data on the server side.
SSL already encrypts your data, so if you are that worried about the network you are running it on, don't use it.
If you know the network admins, its a good chance that they don't sniff out the packets of everyone and figure out passwords/ssn/CC #s. Where I work, they are strict, not stupid.
Re: Secure Java with PHP?
Well, the fact is.. this is a website that people have to be able to access were ever they are.
Its for a RemoteLinux box that they use.. And all they need is a webbrowser.
Thats why I cant use PuTTY. And why I wanted to use PHP.
Re: Secure Java with PHP?
I have seen the exsistance of a java based SSH client. Prehaps you should investigate that?
Although, since you have SSL already, you should be fine. I believe its 128bit encrypted no? Someone check that please.
Re: Secure Java with PHP?
Well php is not the most secure language, yet you can do alot to make it secure as possible. To my knowledge, there are not php SSH functions. I will do a google search though.
Re: Secure Java with PHP?
How is PHP not secure?
PHP is like Java in some ways, especially when you have safe mode on.
PHP itself is very secure, its the scripts that people write that make it insecure.
http://us3.php.net/ssh2
Re: Secure Java with PHP?
if you dont configure php correctly, then it can be secure. ASP.net is more secure then php.
Re: Secure Java with PHP?
Quote:
Originally Posted by dclamp
if you dont configure php correctly, then it can be secure. ASP.net is more secure then php.
I think you ment to say "if you dont configure php correctly, then it can be insecure."
Actually, I think PHP defaults are pretty secure.
Re: Secure Java with PHP?
haha. oops. Thats what i meant.
Well there are some settings that need to be change in the php.ini before it is fully Secure.
Re: Secure Java with PHP?
Quote:
Originally Posted by dclamp
if you dont configure php correctly, then it can be secure. ASP.net is more secure then php.
Either is as secure as the code you write.
The -recommended INI file is the better default configuration for PHP (obviously).
There is also a project called Hardened-PHP which purports to secure it even further. Personally, I think the modifications they do are of little practical use to most server administrators.