  1. #1
    SitePoint Wizard johnn

    Security Alternative tip in Tech Times

    There is a good tip on Website Security Alternative for e-commerce sites in Tech Times 15 by reader John Warren.

    I would like to know your comments on it. Would you consider using his way, or improve it to make it more secure?

    Thanks,
    John
    Last edited by johnn; May 25, 2001 at 21:11.

  2. #2
    SitePoint Evangelist thewitt
    Can you summarize it? Is it on a website or just a printed version?

  3. #3
    SitePoint Zealot
    Here's the tip, in its entirety (let me know if this isn't okay, mods (I'm thinking it should be, as it is your site)):

    *****************************************************************

    ----- Website Security Alternative -----

    This issue's tip comes from dedicated Tech Times reader John
    Warren, who writes with a simple and secure method that he has
    developed for handling his clients' credit card details online.


    Hello everyone. Nowadays every big business is pushing how safe
    shopping on the web is. One issue that's never addressed is the
    fact that the majority of "home-spun" websites aren't really
    secure. As a web developer, a considerable number of my clients
    hire me to overhaul their existing ecommerce sites. To my
    dismay, I've found that many sites are simply inserting an SSL
    link to an order form that in reality transmits a customer's
    credit card number from SSL through standard email channels. To
    some this could be deemed deceptive but personally I believe it's
    a case of well intended persons overlooking the fact that email
    is not secure.

    I've considered the use of a secure technology like PGP
    <http://www.php.com> to encrypt the information, but have found
    it a difficult task to explain to the retailer (who would receive
    the encrypted email) how to simply get their email decrypted.
    It's just one more tricky, technical step for someone in the
    sales business rather than the web development business to put up
    with. Now, although I don't have a sure fire, 100% guaranteed
    solution to this problem, I have implemented steps to balance
    out ease of use with a good level of security in my work.

    I create most of the shopping cart systems I work on using Perl
    and, more recently, PHP. I'll leave all of the technical details
    up to you, the developer, but hopefully the following general
    ideas will give you something to consider.

    OK, so the customer has put some items in their shopping basket
    and has clicked on the checkout button that locks them into a
    secure SSL connection. At this point a checkout form is generated
    with fields for shipping, contact and credit card information and
    the like. Upon final checkout, I've wired my script to generate 3
    invoices. Invoice #1 is a copy of the order, which is emailed to
    the customer with the order summary, excluding the credit card
    information of course. Invoice #2 is the same as the customer's
    copy and is emailed to the retailer, with one exception. The
    retailer's copy also has a secure link at the bottom to Invoice
    #3 which is the completed invoice including credit card
    information, located on the secure server.

    Now, let me clarify a few things. Once the retailer clicks on the
    link to Invoice #3, an encrypted SSL connection is established
    between the browser and the server that stores this invoice. In
    addition, the folder that contains the billing invoice (#3) is
    protected by an .htaccess scheme requiring the retailer's user id
    and password. Upon login, Invoice #3, with the billing/credit
    card information, is displayed through the encrypted connection.
    For added convenience this invoice also provides a link to a
    script that will allow the retailer to delete the information
    once it has been printed. At this point we have achieved both
    goals: the encrypted transmission of personal/billing information
    and ease of use for the retailer.

    In conclusion, one of my stronger selling points when it comes to
    overhauling a site is explaining to the retailer the crucial
    steps needed to ensure privacy, security and ease of use on their
    part. Although my method may not be 100% foolproof, it is much
    less deceptive than using SSL to collect information that is
    later transmitted insecurely via email and much easier to
    implement than trying to teach someone that has sold shoes all
    their life the ins and outs of PGP encryption!

    One last thing to throw in, it may be advisable to set up an
    automated (cron) job that automatically deletes any invoice after
    72 hours. In the event that the retailer forgets to delete the
    invoice after it is printed, this script will ensure that it
    doesn't linger on the server. Notice the 72-hour interval; some
    stores do still close on the weekends.

    John Warren
    <holmescreek@wfeca.net>

    *****************************************************************


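    As an added illustration (not John Warren's code, nor anything posted in the thread), here is a Python sketch of the three-invoice flow the tip describes together with the 72-hour cron purge; the directory layout, invoice text format and sample orders are assumptions made for the example.

```python
import os
import tempfile
import time
from pathlib import Path
from typing import Optional

RETENTION_SECONDS = 72 * 3600  # the tip's 72-hour window, so a weekend does not expire an order


def build_invoices(order: dict, secure_dir: Path, base_url: str) -> dict:
    """Produce the three invoices. Only #3, written under secure_dir, holds the
    card number; the two emailed copies never contain it."""
    lines = [f"Order {order['id']}"] + [f"{item} x{qty}" for item, qty in order["items"].items()]
    customer_copy = "\n".join(lines) + "\n"  # invoice #1: emailed to the customer
    path = secure_dir / f"{order['id']}.txt"
    retailer_copy = customer_copy + f"Billing details: {base_url}/{path.name}\n"  # invoice #2
    secure_dir.mkdir(parents=True, exist_ok=True)
    path.write_text(customer_copy + f"Card: {order['card']}\n")  # invoice #3, kept on the secure server
    os.chmod(path, 0o600)  # readable only by the owning account, not by other users on the host
    return {"customer": customer_copy, "retailer": retailer_copy, "path": path}


def purge_expired(secure_dir: Path, now: Optional[float] = None) -> list:
    """The cron job from the tip: remove any stored invoice older than 72 hours."""
    now = time.time() if now is None else now
    removed = []
    for invoice in sorted(secure_dir.glob("*.txt")):
        if now - invoice.stat().st_mtime > RETENTION_SECONDS:
            invoice.unlink()
            removed.append(invoice.name)
    return removed


def demo() -> dict:
    """Run the flow on two constructed orders: one aged 73 hours, one fresh."""
    card = "4111111111111111"  # constructed test number, not a real card
    old = {"id": "1001", "items": {"shoes": 1}, "card": card}
    new = {"id": "1002", "items": {"socks": 2}, "card": card}
    with tempfile.TemporaryDirectory() as tmp:
        secure_dir = Path(tmp) / "invoices"
        inv_old = build_invoices(old, secure_dir, "https://example.com/secure")
        inv_new = build_invoices(new, secure_dir, "https://example.com/secure")
        stale = time.time() - 73 * 3600
        os.utime(inv_old["path"], (stale, stale))  # backdate invoice #3 of the first order
        removed = purge_expired(secure_dir)
        emailed = inv_old["customer"] + inv_old["retailer"] + inv_new["customer"] + inv_new["retailer"]
        return {
            "removed": removed,
            "remaining": sorted(p.name for p in secure_dir.glob("*.txt")),
            "card_in_email": card in emailed,
            "card_in_stored": card in inv_new["path"].read_text(),
        }
```

    Running demo() shows the stale invoice gone, the fresh one still on disk, and the card number absent from both emailed copies.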
  4. #4
    SitePoint Zealot
    I think this system could probably be improved with some form of a Javascript to do a batch print of the day's orders or something like that. I would think that, for a retailer, it would be a bit time consuming to click on the link in each email separately.

  5. #5
    SitePoint Evangelist thewitt
    I do something very similar on my ecommerce sites. The retailer comes in to collect the actual order payment information via a secured link. The additional piece that I have implemented is that the data is encrypted on the server, so that it is even more difficult to compromise.

    The major hole remaining for most users is server security.

    If the retailer has his web space on a shared server, the whole thing is more than likely wide open to anyone else on that server who can write CGI scripts.

    In a series of recent threads on WebHostingTalk, the alarming state of the shared server world has been revealed as being very insecure. The nature of a web server process running as nobody and being able to access files anywhere on the server in order to actually serve them, leaves major holes in any secure web commerce implementation on a shared server.

    How many of you have deployed applications on a shared server and thought that they were secure? Think again; in most cases they are not.

    If all scripts on the server are forced to run with suEXEC in Apache, or a cgiWrap process that runs these scripts as the owner of the file, and you have been very careful with your ownership and access privs, you stand a chance of being secure. If Apache runs as nobody, and your files can be read by the web server using include directives from a cgi script (kind of have to be to be useful on the web), chances are you are insecure. The existence of a .htaccess file means nothing in this case. It's not the interaction with the browser that is delivering the files, but it's the cgi script reading the file system...

    -t

  6. #6
    SitePoint Wizard johnn
    Thank you very much for your comments.

    So if an e-commerce site is put on a shared server, it is not that secure. If I still use a shared server, is there a fix for it?

    I am a newbie, and I think most web design businesses use shared servers for their clients.

    Thanks,
    John

  7. #7
    SitePoint Evangelist thewitt
    Originally posted by johnn
    Thank you very much for your comments.

    So if an e-commerce site is put on a shared server, it is not that secure. If I still use a shared server, is there a fix for it?
    That depends entirely on the shared host. If it's a CPANEL host, I suspect there is no easy way to secure it. Many of the popular hosting companies use CPANEL to set up their accounts, and the default configuration is just not secure.

    I am a newbie, and I think most web design businesses use shared servers for their clients.

    Thanks,
    John
    You are correct. Most small businesses simply put their web presence on an inexpensive shared host, and that means they are at risk if the host is not security aware. Most I fear are not - particularly the ones in the class known as resellers.

    -t
