Send requests to different servers - securely

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
dimxasnewfrozen
Forum Commoner
Posts: 84
Joined: Fri Oct 30, 2009 1:21 pm

Send requests to different servers - securely

Post by dimxasnewfrozen »

I have SERVER-X that preforms a task.

When it's completed, I want to send a request to SERVER-Y that inserts a DB record on that server. SERVER-X can easily make a curl request to update the records however this terrifies me. Anyone in the world could make this request millions of times.

Is there a way to do this securely? My initial thought was to use a white list of accepted servers however that could also be spoofed. Is there a hand-shake token mechanism I could use?

Thanks!
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Re: Send requests to different servers - securely

Post by Christopher »

There are a number of ways to make authenticated request: RPC, SOAP, OAuth, etc. Use HTTPS of course. You can always just require a User ID and Password hash.

I'd recommend finding a library in active development and use by the community. Check the large frameworks, such as Zend or Symfony, for this. Do not write it yourself -- security requires a lot of continuous testing and oversight to get right.
(#10850)
Post Reply