Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.
I am creating a webshop and it is required that the customer enters his bank account information at some point. I want this information to be secured or encrypted before sending it over to my server.
1. Is SSL what I need?
2. I have libCurl with SSL support on my server. But how do I use it, or is it activated automatically and I dont have to do a thing?
OK.
I still wonder what I will do with that certificate (e.g. I downloaded a certificate from the PayPal developers central), do I have to code anything or is all security work done by my server dudes...?
Actually I can't talk to my server ppl because we will switch servers to someone yet unknown. I'd like to know what Im talking about...
SSL is mostly just the connection handling, which is outside of php's control area, for the most part. You must still handle the data passed in very carefully to comply with the banking industries security and safety standards for handling customer financial information.