none
How to secure my PHP web service when using with HttpClient? RRS feed

  • Question

  • Hi,

    I have a PHP web service and I am using HttpClient to get and post

    I want to know how can I secure it?

    because right now, anyone can call http://www.domain.com/ws/getallmembers.php and they will get all members so how can I make sure only authorized people can get that?

    kindly guide..

    Thanks,

    Jassim

    Sunday, December 17, 2017 7:00 PM

All replies

  • Either use authentication mechanism offered by your web server, or create a webservice that generates a token on successful logon, then requires the token be passed on each request or fail it.

    Of course, the first thing you'll need to do to secure the webservice is to protect it with HTTPS.

    Monday, December 18, 2017 2:40 AM
    Answerer