Securing a web page with certificate of some sort?

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
svmm
Forum Newbie
Posts: 1
Joined: Fri Sep 25, 2009 3:21 pm

Securing a web page with certificate of some sort?

Post by svmm »

Hello,

I'm in the following situation:
I have a running web site which displays a lot of information from a database. This information is available to all users. There is functionality to add new information to the database, however there is only one user (let's call him admin) that is supposed to do that.
What I'm looking for is a way to secure the functions that this admin is using to add information in a way that those functions can be called only from a certain computer (his own). I'm open for all kinds of ideas that can make this idea work.
My own idea is to use some kind of certificate on this computer and all the functions will check if it is available before continuing their execution. So any materials/links on how to make this possible or even better ideas are welcome!

Thank you!
User avatar
Robert07
Forum Contributor
Posts: 113
Joined: Tue Jun 17, 2008 1:41 pm

Re: Securing a web page with certificate of some sort?

Post by Robert07 »

If you want to restrict a certain functionality to one computer you can put their IP address in an .htaccess file and allow connections from only his IP address for the files in a certain folder on your server. That may be easier than the plan you proposed.
User avatar
kaisellgren
DevNet Resident
Posts: 1675
Joined: Sat Jan 07, 2006 5:52 am
Location: Lahti, Finland.

Re: Securing a web page with certificate of some sort?

Post by kaisellgren »

If these administrative operations can be called from one computer, then using client certificate authentication is a good choice to take. No one else will be able to do those operations unless they got an access to this computer/certificate.
Post Reply