Our blog

Easy Security for PHP Scripts

If you have a script, admin area or whatever that you would like to make a bit more secure, you can use the following chunk of code to do this. If you don't have SSL (HTTPS) set up then you would need to get this sorted first.

This isn't bullet proof protection, but it helps.

PHP:

//IP addresses that you would like to be able to access the system
$allowed_ips[] = '99.99.99.01';
$allowed_ips[] = '99.99.99.02';
$allowed_ips[] = '99.99.99.03';
if(!in_array($_SERVER['REMOTE_ADDR'], $allowed_ips)){
header('HTTP/1.1 500 Internal Server Error');
exit();
}
//Force SSL Usage
if($_SERVER['SERVER_PORT'] != 443){ //assuming your server is running SSL on port 443
$url = "https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
header('Location: '.$url);
}

More Reading:

Leave a Reply

RSS Feed

Got any questions?

Send us a message or call us on 0844 357 0201

Edmonds Commerce offers professional PHP development by Zend Certified PHP developers. We are based in Leeds in West Yorkshire, easily accessible via the M1, national express rail, Leeds Bradford airport or any other transport you can think of. we are located right in the heart of the UK and can offer our services to any UK business looking for ecommerce, magento, oscommerce or PHP development work.

© Edmonds Commerce 2012