Alireza Noori
Reputation: 15275
Create a secure admin-only section for a php website
I have created a website and I want to create a control panel for it. Apart from the obvious login for the admin, could you please name a few common practices to make this part of the website more secure? I mean the techniques that are used different in these kind of pages from those in the normal (user) pages.
Upvotes: 3
Views: 977
Answers (1)
Dan Kanze
Reputation: 18595
You want to focus on keeping your credentials safe:
- Use htmlspecialchars() on anything sent to your server to prevent XSS.
- Use cryptogrpahic functions like SHA1() + Salt for your user passwords.
- Use Anti-CSRF Token's.
- Use Paramaterized Queries or Prepared Statements for database calls.
- HTTPS never hurts.
Upvotes: 3
Related Questions
- How to make secured login page (https)
- How to secure Admin Panel in PHP?
- Secure admin system with hiding admin URLs
- PHP 5 - Securing an admin area of a site
- Securing my website admin area
- Securing my own administration panel
- Securing a website
- securing my admin page that accesses several php files
- What is the most secure way to setup an admin area in PHP?
- Securing administrative section of my website