I need some advice regarding website security.
I have a website application where a user enters their details in a form, the data is then transmitted to a third party website using a POST request and SSL for encryption. The website runs over HTTPS.
The third party website needs to be able to see the data.
Is there anything else I can do to secure the data that's being transmitted?
Please let me know if you need any more specific details.
HTTPS is already pretty secure, but if you want to make it a bit more secure you could use hashing with a secret key only you and the receiver know.
For example, when you send the data
The receiver can also calculate the hash from the data and $mySecret (which they have to know of course) and check if it's the same as the hash you sent with the data; if not, someone tampered with the data. Of course this relies on the fact that hackers don't know $mySecret and are therefore not able to create a hash of their own.
Hashing looks interesting, I'll look in to that. Thanks for your response.