O'Reilly logo

Learning Phalcon PHP by Calin Rada

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Securing an API

In general, when you put something online, it is not secure anymore. Virtually anything can be hacked. What can you do in this case? Well, if you are not a billionaire who can afford huge investments in human resources and security software and hardware, all that you can do is try to make the attackers' life a bit rough and always monitor your stuff.

There are hundreds of books about security and securing an API. We will try to implement a few basic security methods that can help you avoid a disaster.

So what are these methods? Here is a list:

  • Always use SSL
  • Add an API key for extra protection
  • Limit the number of requests per second from the same IP
  • Limit access to resources, such as DELETE, PUT, POST, for authenticated users

Using SSL ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required