koobas.hobune.stream
Protect agains sniffing (Requests)
Hey guys,
I have a question. My problem is that I made an app and I am making PHP Requests. I just realized that you can sniff everything on Android with "Packet Capture"...
How can I make my app more secure? I thought about working with checksums or add something like a secret key which changes every time and I decrypt this key on my server somehow.
Does anyone of you have an idea how to protect against sniffing or how I can make my request more secure? (I am using basic authentication now but this isn't good)
I am new in security.
Best thing to do is to just evaluate everything on the server side before actually using it. Especially things concerning DBs as you probably don't won't any SQL injections. Can also have a look at cross-site scripting. And of course not send your authentication data over a simple http request or anything like that, but no idea how that works in PHP.
That's just some simple suggestions, pretty sure there is a lot more to this. Hope this helps in some way. :)
