conjurer wrote: nowhere close to being up to speed on this part..
The best possible thing you can know about security is when you're in over your head. Seriously. You're way ahead of lots of other people because you know where you stand.
The funny thing about security is that it's not that hard to do it right... and it's really really really easy to do it wrong. And when you get it wrong, it will be extremely embarrassing.
The short answer to your queries is that you're going to want to use .htaccess to password protect a directory and you're going to want to get an SSL cert (and have your ISP install it) to encrypt the web traffic.
The long answer is that there are lots of opportunities to screw this up. A good tutorial might be a good place to start but experience is the best teacher and it would be a good idea to work alongside someone who has done this before to make sure your bases are covered.
For example, some people are going to tell you to get an SSL cert and all your troubles will somehow be magically solved. The problem is that the SSL cert will only encrypt the customer's data as it's being transferred across the Internet. Once it arrives at your server, it's decrypted and it sits, just waiting for a hacker to exploit your server and read the customer data. You'll need to plan for what you're going to do when the customer data arrives decrypted at your server. Will you encrypt it again and write it to a text file? How will employees of your company obtain that data? Will they read it from the server or decrypt it on their local computers? Will you store the decryption key on your web server or will the web server be incapable of decrypting the customer data?
What happens if a disgruntled employee leaves your company and knows how the web server is designed and organized? Are you confident that that knowledge won't benefit him? How do you design the server so that inside knowledge doesn't help at all? If your server is exploited, how will you know? That is, if someone is reading some data that they shouldn't, could that go on for years without you knowing?
With practice, it's really not very hard to make your web site secure... but building a live site for a client isn't the time to learn.
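As an added example (not code from the post above or its author) of the last design choice the reply raises, a web server that re-encrypts each submitted record under a public key while the private key lives only on the workstations of the staff who read customer data; the sample record, key size and OAEP label are constructed assumptions for illustration:

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Constructed sample customer record, as it arrives at the web server once
// TLS has been stripped off (example data, not from the original post).
const sampleRecord = "name=Jane Doe;card=4111111111111111;exp=12/29"

// oaepLabel binds the ciphertext to its purpose; both sides must use it.
var oaepLabel = []byte("customer-record")

// GenerateKeyPair is run once, offline. The private key stays with the staff
// allowed to read customer data; only the public key is copied to the server.
func GenerateKeyPair(bits int) (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, bits)
}

// SealOnWebServer is the only crypto step the web server performs. It needs
// just the public key, so someone who reads the server's disk gets ciphertext
// and no way to open it. RSA-OAEP limits one message to keysize-2*hash-2
// bytes (190 bytes for a 2048-bit key); larger records would wrap an AES key.
func SealOnWebServer(pub *rsa.PublicKey, record string) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, []byte(record), oaepLabel)
}

// OpenOffServer runs on an employee workstation that holds the private key;
// with any other key the OAEP check fails and an error is returned.
func OpenOffServer(priv *rsa.PrivateKey, sealed []byte) (string, error) {
	pt, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, sealed, oaepLabel)
	if err != nil {
		return "", err
	}
	return string(pt), nil
}

func main() {
	priv, err := GenerateKeyPair(2048)
	if err != nil {
		panic(err)
	}
	sealed, _ := SealOnWebServer(&priv.PublicKey, sampleRecord)
	record, _ := OpenOffServer(priv, sealed)
	fmt.Printf("web server stores %d ciphertext bytes; opened off-server: %s\n", len(sealed), record)
}
```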