I am searching for a good implementation to protect my backend written in PHP.
Scenario:
Server 1 (www.domain.com)
Serves only JS/HTML to the client
Server 2 (www.domain2.com)
Is running a PHP server which responds to Server 1 with JSON data (rendered by a JavaScript template engine on Server 1).
How can I stop others from grabbing the JSON response from Server 1?
I know I can add some kind of API key, but it is stored in JS (everyone can read it). I know I could check if the request comes from Server 1's IP, but it is not a big deal to fake such a request.
Making internal calls from Server 1 to Server 2 is a solution; not exposing Server 1 to the internet, and adding it to a private network, might help.
Even if someone works around a way out, you could add validations like making sure that the request origin is from the authorized source (in your case Server 2).
If the request origin is from another source, simply return without processing.
If you're still paranoid about it, you can always keep adding more mechanisms like hash-based message authentication codes (HMAC).
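The HMAC mechanism mentioned above, shown as an added example in PHP (this is illustration code, not the answerer's own, and not part of the original thread). It assumes a shared secret that exists only in server-side configuration on both machines and never reaches the browser's JavaScript, that the backend exposes a path `/api/data`, and that the signing headers are named `X-Timestamp`, `X-Nonce` and `X-Signature`; all of those names are assumptions. Server 1 signs each server-to-server call over the method, path, timestamp, nonce and body; Server 2 recomputes the MAC, rejects stale or replayed requests, and compares in constant time.

```php
<?php
// Added example: HMAC-signed server-to-server requests between Server 1 and
// Server 2. Secret and header names are assumed placeholders, not real values.
declare(strict_types=1);

const SHARED_SECRET   = 'REPLACE-WITH-A-LONG-RANDOM-SECRET'; // load from env/config, never from JS
const MAX_SKEW_SECONDS = 300; // how old a signed request may be before it is refused

// Canonical string covered by the MAC; changing any field invalidates the signature.
function canonicalString(string $method, string $path, int $timestamp, string $nonce, string $body): string
{
    return implode("\n", [strtoupper($method), $path, (string) $timestamp, $nonce, hash('sha256', $body)]);
}

function computeSignature(string $method, string $path, int $timestamp, string $nonce, string $body, string $secret): string
{
    return hash_hmac('sha256', canonicalString($method, $path, $timestamp, $nonce, $body), $secret);
}

// Server 1 side: build the headers to send along with the request body.
function signRequest(string $method, string $path, string $body, string $secret, ?int $now = null): array
{
    $timestamp = $now ?? time();
    $nonce     = bin2hex(random_bytes(16)); // fresh per request, lets Server 2 detect replays
    return [
        'X-Timestamp' => (string) $timestamp,
        'X-Nonce'     => $nonce,
        'X-Signature' => computeSignature($method, $path, $timestamp, $nonce, $body, $secret),
    ];
}

// Server 2 side: returns null if the request is acceptable, otherwise the reason it was refused.
// $seenNonces is an in-memory stand-in; in production use a cache with a TTL of MAX_SKEW_SECONDS.
function verifyRequest(array $headers, string $method, string $path, string $body, string $secret, int $now, array &$seenNonces): ?string
{
    foreach (['X-Timestamp', 'X-Nonce', 'X-Signature'] as $h) {
        if (!isset($headers[$h]) || $headers[$h] === '') {
            return "missing header $h";
        }
    }
    $timestamp = (int) $headers['X-Timestamp'];
    if (abs($now - $timestamp) > MAX_SKEW_SECONDS) {
        return 'timestamp outside allowed window';
    }
    $nonce = $headers['X-Nonce'];
    if (isset($seenNonces[$nonce])) {
        return 'nonce already used (replay)';
    }
    $expected = computeSignature($method, $path, $timestamp, $nonce, $body, $secret);
    // hash_equals compares in constant time so timing does not reveal matching prefixes.
    if (!hash_equals($expected, (string) $headers['X-Signature'])) {
        return 'bad signature';
    }
    $seenNonces[$nonce] = $timestamp;
    return null;
}

// Demonstration with constructed data.
$seen = [];
$body = json_encode(['query' => 'latest-items']);
$headers = signRequest('POST', '/api/data', $body, SHARED_SECRET, 1_700_000_000);

// 1. Genuine request from Server 1: accepted.
var_dump(verifyRequest($headers, 'POST', '/api/data', $body, SHARED_SECRET, 1_700_000_010, $seen)); // NULL

// 2. Same request replayed by someone who captured it: refused by the nonce check.
var_dump(verifyRequest($headers, 'POST', '/api/data', $body, SHARED_SECRET, 1_700_000_020, $seen)); // string "nonce already used (replay)"

// 3. Body tampered in transit: the MAC no longer matches.
$tampered = json_encode(['query' => 'all-users']);
var_dump(verifyRequest($headers, 'POST', '/api/data', $tampered, SHARED_SECRET, 1_700_000_010, $seen)); // string "bad signature"

// 4. A client that only knows the public JS has no secret and cannot sign at all.
var_dump(verifyRequest([], 'POST', '/api/data', $body, SHARED_SECRET, 1_700_000_010, $seen)); // string "missing header X-Timestamp"
```

The signature can only be produced by a party holding the secret, which is exactly what the browser-side API key in the question lacks, so the JSON endpoint refuses direct calls from anyone who merely read the page source. This complements rather than replaces the network-level measures in the answer (private network, origin allowlist): keep the nonce store in a shared cache if Server 2 runs on more than one host, rotate the secret on a schedule, and log refused requests with their reason so probing of the endpoint is visible.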