How can I limit access for automatically generated files to specific users in a MVC setup?
I have a typical MVC based website, and I’d like to give some registered users the abillity to extract data from the database (in a variety of formats). The workflow is very simple:
Are random number generators security holes?
If I retrieve a random number from a database (e.g. RAND() in SQL Server) or using a programming language and send this in some form back to a client machine, is there an economic chance I will be sending an indicator of what’s in my server’s memory that might form a security problem (like revealing my schema, etc)?
Are random number generators security holes?
If I retrieve a random number from a database (e.g. RAND() in SQL Server) or using a programming language and send this in some form back to a client machine, is there an economic chance I will be sending an indicator of what’s in my server’s memory that might form a security problem (like revealing my schema, etc)?
Securely sending data from shared hosted PHP script to local MSSQL
I’m trying to add data from a webhook (from a web cart) to a local Microsoft SQL Server. It seems like the best route for me is to use a PHP script to listen for new data (POST as json), parse it, then query to add to MSSQL.
Securely sending data from shared hosted PHP script to local MSSQL
I’m trying to add data from a webhook (from a web cart) to a local Microsoft SQL Server. It seems like the best route for me is to use a PHP script to listen for new data (POST as json), parse it, then query to add to MSSQL.
Securing sensitive data from developers
I have an enterprise application running that uses both MySQL and MongoDB datastores. My development team all have SSH access to the machine in order to perform application releases, maintenance, etc.
Securing sensitive data from developers
I have an enterprise application running that uses both MySQL and MongoDB datastores. My development team all have SSH access to the machine in order to perform application releases, maintenance, etc.
How to separate user data in database models?
I am writing a web service for research and learning purposes and try to find an approach to separate user data from other users to ensure a request can never deliver or reveal data from another user.
Why are cloud services needed for push notifications?
We currently have a customer that wants us to implement push notifications to our app. The problem is that for this customer, security is really, really important…
I am not able to find any official documents, that state that the only way to send push a notification to an Android or iOS device via internet is the use of FCM / APNS.
Sadly, I don’t think that I can convince the decision makers to open ports to a Google / Apple service, if I can’t show them that this is a real necessity.