Re: ASP Form Security
From: CJ Llewellyn (invalid_at_example.con)
Date: 12/06/04
- Next message: Andy Hassall: "Re: $HTTP_SERVER_VARS['SCRIPT_FILENAME'] - getting all GET vars too?"
- Previous message: Andy Hassall: "Re: Need opposite of array()"
- In reply to: vanstory_at_gmail.com: "ASP Form Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Mon, 6 Dec 2004 21:43:02 -0000
<vanstory@gmail.com> wrote in message
news:1102360209.874360.23720@z14g2000cwz.googlegroups.com...
> So I've created an ASP form which submits information to a mySQL
> database table. This information will be downloaded via ODBC on a
> daily basis. Now some of this information is stuff like credit card
> numbers. What are my options as far as securing the form submission?
> We will also be looking for a hosting company, so any suggestions of a
> company that would work with us on getting this setup, would also be
> helpful. Thanks a lot!
>
1) Scrap your Windos server and ASP pages
2) Rewrite your pages in php bearing in mind all the security points listed
in the documentation
3) You need to run a Web Server that has a Digital Certificate, which
basically means a dedicated server.
4) Use Secure Shell port forwarding to download the MySQL data
Altenatively consider using a 3rd party credit card processor such as Paypal
or Worldpay.
- Next message: Andy Hassall: "Re: $HTTP_SERVER_VARS['SCRIPT_FILENAME'] - getting all GET vars too?"
- Previous message: Andy Hassall: "Re: Need opposite of array()"
- In reply to: vanstory_at_gmail.com: "ASP Form Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
