My application is a website for online purchase. I (PHP server) will collect clients’ requests and send them to the processing gateway. The gateway cannot directly talk to the clients, and it requires my authentication details to have communication with me. Because clients need to get an immediate response from the gateway while online, I have to put my authentication details in my server-side PHP script. I know that’s not safe. So how can I make it secure?
Thanks!
A basic way to do this is to put the auth details into a file, maybe init.inc, and place this file outside of the web root. So you might have
This way, at the very least, if anything goes wrong with the Apache + PHP parser, the plain-text files will not be viewable in a web browser.
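The layout this answer describes, as an added example that is not part of the original post: a PHP loader that reads the gateway credentials from a file outside the web root and refuses one that sits inside it or is world-readable. The directory names, the `load_gateway_credentials` function and the `gateway_user`/`gateway_pass` keys are assumptions made for illustration.

```php
<?php
// Added example: function name, paths and array keys are hypothetical.

/**
 * Load gateway credentials from a PHP file that must live outside the web root.
 * The file is expected to `return` an array, so nothing is ever echoed.
 */
function load_gateway_credentials(string $file, string $webRoot): array
{
    $real = realpath($file);      // resolves symlinks and ".." segments
    $root = realpath($webRoot);
    if ($real === false || $root === false) {
        throw new RuntimeException('credentials file or web root not found');
    }
    // Refuse a file the web server could serve directly.
    if (strpos($real, rtrim($root, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR) === 0) {
        throw new RuntimeException('credentials file is inside the web root');
    }
    // Refuse a file readable by "other" users (POSIX permission bits only).
    if (DIRECTORY_SEPARATOR === '/' && (fileperms($real) & 0004)) {
        throw new RuntimeException('credentials file is world-readable');
    }
    $creds = require $real;
    if (!is_array($creds) || !isset($creds['gateway_user'], $creds['gateway_pass'])) {
        throw new RuntimeException('credentials file has unexpected contents');
    }
    return $creds;
}

// Constructed layout for the demo: <tmp>/site_x/public_html is the web root,
// <tmp>/site_x/private/init.inc holds the (fake) credentials.
$base = sys_get_temp_dir() . '/site_' . bin2hex(random_bytes(4));
mkdir("$base/public_html", 0755, true);
mkdir("$base/private", 0750, true);
$inc = "$base/private/init.inc";
file_put_contents($inc, "<?php\nreturn ['gateway_user' => 'demo', 'gateway_pass' => 'not-a-real-secret'];\n");
chmod($inc, 0640);

$creds = load_gateway_credentials($inc, "$base/public_html");
echo "loaded credentials for user: {$creds['gateway_user']}\n";

// A copy dropped inside the web root is rejected.
copy($inc, "$base/public_html/init.inc");
try {
    load_gateway_credentials("$base/public_html/init.inc", "$base/public_html");
} catch (RuntimeException $e) {
    echo "rejected: {$e->getMessage()}\n";
}
```

Starting the include file with `<?php` and having it `return` the array means that even if a copy ends up somewhere PHP executes it, the request produces no output.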