Hi,
I am trying to develop an app that involves communication between 2 php servers ( Master & Slave ). The communication is one way only , the Master talks to the Slave only.
My question is how do i implement this ?
The idea that i have now is to create api.php file on the Slave and when the Master communicate with the slave it have to provide auth key and auth pass and the slave verify this and also verify that the IP of the Master is allowed to access this slave, once the authentication finish i use session with timeout of 15-30 seconds so i can perform my command.
Communication will be over HTTPS.
Is this enough from the security aspects ? did i miss something else ? should i encrypt the data as well even though it goes over HTTPS ( encryption key won't be sent over HTTPS, will be predefined)
Thanks in advance for any suggestion.
I am trying to develop an app that involves communication between 2 php servers ( Master & Slave ). The communication is one way only , the Master talks to the Slave only.
My question is how do i implement this ?
The idea that i have now is to create api.php file on the Slave and when the Master communicate with the slave it have to provide auth key and auth pass and the slave verify this and also verify that the IP of the Master is allowed to access this slave, once the authentication finish i use session with timeout of 15-30 seconds so i can perform my command.
Communication will be over HTTPS.
Is this enough from the security aspects ? did i miss something else ? should i encrypt the data as well even though it goes over HTTPS ( encryption key won't be sent over HTTPS, will be predefined)
Thanks in advance for any suggestion.