Encrypt API (server / client)

Question

0.00/5 (No votes)

See more:

We have a PHP REST API that is consumed by many applications: desktop and mobile.
I want to encrypt the API communications and I need a cross-platform solution that works on client side in C#, Java, Objective-C and Javascript as well as on server side (PHP) .

Can you please suggest a way that will help me solve this issue?

The main reason for using encryption is to avoid brute force attacks on the API and to increase the security.

Thank you!

What I have tried:

I did not find a suitable solution - a library/framework.

Posted 11-Feb-19 2:56am

micutzu

Updated 12-Feb-19 4:47am

Add a Solution

2 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Richard MacCutchan · Answer 1 · 2019-02-11T03:03:00

Solution 1

See server client encryption - Google Search[^].

Posted 11-Feb-19 3:03am

Richard MacCutchan

Richard Deeming · Answer 2 · 2019-02-12T04:47:00

Use HTTPS for all communication between the client and the server. This will automatically encrypt the traffic between them. The only change required will be to replace "http://" with "https://" in the client configuration.

HTTPS - Wikipedia[^]

Depending on how your server is configured, you might be able to use a free SSL certificate from Let's Encrypt[^].