Hi, I am creating a new website the include tons and tons of pages and subdomains and all of them are connected by PHP accounts system using iframe and URL hashes and I am using my own new encryption code that no one can know and its being converted to md5 hash after the encryption.
my questions is:
is there any way to protect my website more and more, any advice?
and whats the most secure way to keep my encryption system safe?
anyone?
If you have epizy/your own nameservers configured to serve the website’s IP on your domain, the security system protects bots and someone else without JavaScript and cookies enabled trying to access your website
For starters, I would like to share rule #1 about building your own encryption system: never build your own encryption system.
For more information about why, learn “Kerckhoffs’s principle” and “Schneier’s Law”.
Many popular and secure cryptography systems exist today, which are all backed by scientific research and have been tested and verified by many great cryptographers, mathematicians and hackers. If your goal is to build a secure system, you should definitely not build your own cryptography solution because it’s very likely to have some bug or oversight.
For starters, you are using MD5, which has been known to be a weak algorithm for years. SHA256 is quite common these days, although other algorithms and implementations exist and are more suitable depending on how you intend to use them.
If your goal is to learn more about cryptography, then please do keep trying things, learn about how the internals work and play with it. But if good security is the main goal here, then don’t build your own system.
1 Like
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.