httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From John Newbigin>
Subject Keeping PHP Database passwords secure
Date Mon, 17 May 2004 01:11:00 GMT
I am hoping that someone on this list might be interested enough to have 
a look at a security question for me.  Some background and code is 
provided on this page:

I have written an apache 1.3 module which stores a list of passwords and 
can dish them up to php scrips.  I have some questions about the 
security of this scheme, mostly about the ability to forge/spoof the 
main URI (mostly from a php script).

Other comments are also welcome.


John Newbigin - Computer Systems Officer
School of Information Technology
Swinburne University of Technology
Melbourne, Australia

View raw message