View all products
Compute
Storage
Networking
Databases
Services
Solutions
Pricing
Library
Technical Resources
Community
Marketplace
What's New
Community Questions Secure Login in HTML/PHP
Log in to Ask a Question

Secure Login in HTML/PHP

development

Hi,

in my website i have a login form, and i do this:

<form class="user-form" action="login.php" method="post">

to send information to server, and in the server i do this:

`
$username = $POST['user']; $password = $POST['psw'];
````

to get the information, and then i store the information securely on my database with salt etc…

My question is how i can protect the information that will be send from the page to the server with the $_POST? there is something to encrypt and not send it clearly?

Thanks

```

5 Replies

I assume you're looking for https://, which you control at the httpd level, not PHP.

What httpd software are you using (Apache, nginx, lighttpd, etc)?

Also worth noting if you're storing passwords in a DB, don't deal with 'salting' and stuff on your own, assuming you're using even a slightly old PHP, you should have support for password_hash(), use that for your passwords.

Yes i use also password hash, i have apache

I don't know what distribution you're using but assuming it's Ubuntu check here https://www.linode.com/docs/security/ss … -on-ubuntu">https://www.linode.com/docs/security/ssl/ssl-certificates-with-apache-2-on-ubuntu if not have a search through the Linode docs.

yes i have ubuntu, i already have found that guide, i have to read the Self-Signed SSL Certificate part? on the https page will be only my login page? or all website?

You should get a commercial certificate otherwise your users will get a warning from their browser. What you need to secure depends on your site, but if in doubt secure the whole thing.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct