Home/ Questions/Q 8237169
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-07T19:23:05+00:00

I am working on a wordpress plugin. My plugin requires some data to be

  • 0

I am working on a wordpress plugin. My plugin requires some data to be transferred from user’s wordpress to my site (on server side). I can use cURL for that but I want to provide little security. I cannot use HTTPS or SSL because this data is not that sensitive which worth paying for certificates. How can I do that? Some public-key private key algorithm or something? And in which format should I transfer data? They are few strings.
Can you suggest me a secure way for this? I am concerned about MITM attacks.
Thanks.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I am using following approach to transfer secure data over HTTP.
    Data is a Request object, which I am serializing. Now this serialized object is encrypted using mcrypt_encrypt() as below

    $encrypted=base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $string, MCRYPT_MODE_CBC, md5(md5($key))));

    as mentioned here and POST that encrypted data to my host using curl.

    On my host, I decrypt the data using

    $decrypted = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($key), base64_decode($encrypted), MCRYPT_MODE_CBC, md5(md5($key))), "\0");

    and then unserialize the object. I am also adding salt for greater security.

    For more detailed explaination, you can visit this post

    • 0