Protecting API Access on Apache/Cloudways

Hari

Hello Mark,

Hope you’re doing well! Got a quick security question for you. I have a website that runs on Apache with Cloudways hosting, and we’re using APIs in PHP files. Recently, I noticed some random users accessing the APIs with URLs like domain.com/file.php?data=xxxx?, which seems like an attempt to misuse the server.

Could you suggest a way to protect my server so only authorized requests can access these APIs?

Thanks a lot!

phenomlab

@Hari Much of this response depends on whether these API’s are internal or external, and who manages/supports them. If they are your own API’s, then you should ideally send a predefined key in the header to ensure that the request is authentic.

This is the standard way of doing it, but I’ll need a bit more detail to comment further.

Protecting API Access on Apache/Cloudways

Related Topics

Adjusting HSTS settings for public wifi's

Court finds teenagers carried out hacking spree

DDoS attacks on our website.

Create a dynamic category list

Neural networks being used to create realistic phishing emails

migrating from cloudways to plesk

API database project? ideas?

Headless CMS, anyone have experience with these?

Protecting API Access on Apache/Cloudways

Related Topics

Individual Categories