I want to restrict a PHP script so that only a 'known' user can run it from their 'known' location, but Id like to avoid an authentication step like a login.
I can partially trust the REFERER in this instance, since I know I will be receiving it. This could be spoofed, but I am encrypting the PHP code, so it would be hard for a 'weak' hacker to find out what to spoof the referrer to.
Is it possible to gather information about the users server environment?, and make all its characteristics prerequisites for the script to run? Im not sure how to do this but needing these details, plus the encryption will raise the security bar another notch.
I dont need extreme security, but Id just like to make the hackers life so difficult that they give up and move on to an easier target.
Are there any other mechanisms I can use? I dont mind paying for some commercial software if it offers solution (but Id still like to avoid a login if possible!).
I can partially trust the REFERER in this instance, since I know I will be receiving it. This could be spoofed, but I am encrypting the PHP code, so it would be hard for a 'weak' hacker to find out what to spoof the referrer to.
Is it possible to gather information about the users server environment?, and make all its characteristics prerequisites for the script to run? Im not sure how to do this but needing these details, plus the encryption will raise the security bar another notch.
I dont need extreme security, but Id just like to make the hackers life so difficult that they give up and move on to an easier target.
Are there any other mechanisms I can use? I dont mind paying for some commercial software if it offers solution (but Id still like to avoid a login if possible!).