Website Login to secure confidential information

We are in the process of setting up a website. On the website we want a secure login link, so our clients can login by screen name and password to access their information.

Each client will need to login with a unique screen name and password, giving them the ability to see the status of their accounts, (i.e. database or spreadsheet of pertinent information, along with ability to upload and download confidential documents, and communicate by posting messages). Due to the type of private information it will need to be encrypted and secured in a way that complies with current information security laws

I was in the process of setting up a website on GoDaddys WebSiteTonight, but it looks like we wont have the ability to set it up the way we need it.

I am unsure as to how to set this up and where to go from here.
nashvilletnAsked:
Who is Participating?
 
Jason C. LevineNo oneCommented:
Hi nashvilletn,

If you have access to PHP and MySQL: http://www.phpeasystep.com/workshopview.php?id=6

0
 
nashvilletnAuthor Commented:
Anyone have an answer???
0
 
nashvilletnAuthor Commented:
Anyone have an answer???
0
Cloud Class® Course: MCSA MCSE Windows Server 2012

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

 
nashvilletnAuthor Commented:
can this be done on godaddy's website tonight?
0
 
wktang83Commented:
This tutorial (http://www.phpeasystep.com/workshopview.php?id=6) DOES NOT protect you against session hijacking. Unless you're encrypting the connection using SSL, the transmission of data between the client's computer and the server can be intercepted by an attacker, and can be used to hijack the session, and therefore gaining access to the administrative system.

If you are using php, read more about preventing session hijacking here:
http://phpsec.org/projects/guide/4.html

I have written a class in php which is able to defend against session hijacking. If you're interested, post back.
0
 
nashvilletnAuthor Commented:
So as long as SSL is utilized will this type of setup work? Do you know if this can be implemented in a website tonight website?
0
 
wktang83Commented:
nashvilletn:

According to this site,
https://www.godaddy.com/gdshop/hosting/hosting_build_website.asp?app_hdr=

they do give you a free SSL cert. (Only for the Premium Plan though).

If you're not on the premium plan, you can have SSL cert as an add-on for $29.99/yr.
https://www.godaddy.com/gdshop/ssl/ssl.asp

SSL certs will enable your website to have secure SSL encrypted connection.
0
 
nashvilletnAuthor Commented:
Thank you for your assistance.  It is greatly appreciated!!!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.