User Data Security
In this article, we will see how to ensure the security of our users’ data, such as passwords, emails, and other sensitive information that could harm our users if exposed.
Laws
Protecting this data is not only a courtesy to your users; it is also a legal responsibility you have towards them. For example, in Europe there is the GDPR (General Data Protection Regulation), and in the United States there are a number of laws to comply with.
Existing laws in the USA:
Gramm-Leach-Bliley Act (GLBA): Protects consumers’ financial information.
Health Insurance Portability and Accountability Act (HIPAA): Protects consumers’ medical information.
Fair Credit Reporting Act (FCRA): Regulates the collection and use of credit information.
Electronic Communications Privacy Act (ECPA): Protects the privacy of electronic communications.
In general, every country has data protection laws that must be complied with, but it is advisable to take the laws of the USA into account as well.
Data to protect
When a user registers on our website, what should we protect?
Personal data:
- Full names
- Addresses
- Phone numbers
- Email addresses
- Personal identification numbers (ID cards, resident alien cards, etc.)
- Financial information (credit card numbers, bank accounts, etc.)
- Medical information
- Biometric data (fingerprints, facial recognition, etc.)
Confidential data:
- Business information (projects, strategies, etc.)
- Intellectual property (patents, trademarks, etc.)
- Employee information (salaries, performance evaluations, etc.)
- Research data
- Any other information that could be used to cause harm to your company or your clients
How can I protect this data?
Protection against CSRF
Defense against CSRF attacks should be a fundamental priority in web application development. CSRF poses a significant threat as attackers can exploit users’ active sessions to execute unauthorized actions on their behalf.
1 – To prevent CSRF attacks, it is crucial to implement a protection mechanism using random tokens. These tokens are generated and assigned to the user when interacting with a form or request on the website. When the user submits the form, the associated token is included in the request.
Upon reaching the server, the sent token is verified to match the expected token for that specific action. If the tokens match, the action is allowed to proceed; otherwise, the request is rejected.
This technique ensures that only requests originating from the website and containing a valid token are processed. By using random and unique tokens for each request, it prevents attackers from predicting or manipulating the tokens, effectively protecting against CSRF attacks.
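The token flow described above, as an added PHP example (not code from the original article). It issues a fresh random token for a named action each time the form is rendered, stores it in the session, and accepts it once on submit; the action name "change-email" and the field name "csrf_token" are assumptions.

```php
<?php
// Added example: per-action, single-use CSRF tokens kept in the PHP session.
// Assumes PHP sessions are available and the protected form is submitted via POST.
declare(strict_types=1);

function ensure_session(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
}

// Generates a new token for this action and remembers it as the expected value.
// Rendering the form again replaces the previous token, so a leaked old one is useless.
function csrf_token(string $action): string
{
    ensure_session();
    $token = bin2hex(random_bytes(32));      // 256 bits from the CSPRNG, hex for safe embedding
    $_SESSION['csrf'][$action] = $token;
    return $token;
}

// Hidden field to place inside the form for $action.
function csrf_field(string $action): string
{
    $token = htmlspecialchars(csrf_token($action), ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<input type="hidden" name="csrf_token" value="' . $token . '">';
}

// Checks the submitted token against the expected one and consumes it (single use).
// hash_equals() compares in constant time, so timing does not reveal matching prefixes.
function csrf_check(string $action, ?string $submitted): bool
{
    ensure_session();
    $expected = $_SESSION['csrf'][$action] ?? null;
    unset($_SESSION['csrf'][$action]);
    if ($expected === null || $submitted === null) {
        return false;
    }
    return hash_equals($expected, $submitted);
}

// --- request handler for the "change-email" action (assumed name) ---
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!csrf_check('change-email', $_POST['csrf_token'] ?? null)) {
        http_response_code(403);
        exit('Invalid or missing CSRF token');
    }
    // Token verified: the state-changing action may proceed here.
}
?>
<form method="post" action="/change-email">
    <?= csrf_field('change-email') ?>
    <input type="email" name="email">
    <button type="submit">Save</button>
</form>
```

Because the token is bound to the session and deleted after one check, a request that arrives without it (a cross-site form post cannot read the victim's session) is rejected before any action runs.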
XSS protection
Another thing we should consider is protection against XSS attacks because it makes no sense to protect our user data if it ends up being directed to another page due to malicious scripts.
2 – In this case, we should prevent our users from placing scripts on our page. We can use the htmlspecialchars function in PHP for this purpose, but we can also use the HTML Purifier library to ensure that the user’s input is not harmful to our site.
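An added PHP example (not from the original article) showing the same user-supplied value rendered unsafely and then escaped with htmlspecialchars, plus the HTML Purifier call for the case where some HTML must be allowed. The display-name input and the allowed tag list are constructed for the example.

```php
<?php
// Added example: output escaping for untrusted text, beside the unsafe pattern.
declare(strict_types=1);

// Constructed sample input: what a user might type into a "display name" field.
$name = '<script>alert(1)</script>';

// UNSAFE: the raw value is interpolated into the page, so the browser runs the script.
// echo "<p>Hello, $name</p>";

// SAFE: escape for an HTML text or quoted-attribute context. ENT_QUOTES also converts
// ' and ", and the charset is passed explicitly so escaping matches the page encoding.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

echo '<p>Hello, ' . e($name) . '</p>';
// Renders as text: <p>Hello, &lt;script&gt;alert(1)&lt;/script&gt;</p>

// If a field must accept limited HTML (for example a bio with bold text and links),
// escaping would destroy the markup; instead sanitise with HTML Purifier and an explicit
// allow-list of tags and attributes (requires the library installed via Composer).
// require 'vendor/autoload.php';
// $config = HTMLPurifier_Config::createDefault();
// $config->set('HTML.Allowed', 'p,b,i,a[href]');
// $clean = (new HTMLPurifier($config))->purify($bio);
```

Escaping belongs at the point of output, in the context where the value is used; storing already-escaped data in the database makes it unusable for other outputs such as JSON or email.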
Validation
Third, we should validate the data our users enter in the forms, and do so on the back-end.
It is not enough to apply validation only on the front-end, since a malicious user could bypass it. On the other hand, validating on the front-end as well helps prevent our server from processing meaningless data.
3 – The general idea would be validation on the front-end, then if it passes validation, on the back-end.
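The back-end half of that idea, as an added PHP example (not the article's own code). It validates a registration submission and returns per-field errors; the field names and the length limits are assumptions chosen for the example, and the front-end would mirror the same rules while the server's verdict remains the one that counts.

```php
<?php
// Added example: server-side validation of a registration form.
// Assumes the form posts 'email', 'full_name', 'phone' and 'password'.
declare(strict_types=1);

// Returns field => error message; an empty array means the input is acceptable.
function validate_registration(array $input): array
{
    $errors = [];

    $email = trim((string)($input['email'] ?? ''));
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $errors['email'] = 'Enter a valid email address.';
    }

    $name = trim((string)($input['full_name'] ?? ''));
    $len = mb_strlen($name);
    if ($len < 1 || $len > 100) {
        $errors['full_name'] = 'Name must be between 1 and 100 characters.';
    }

    // Phone is optional; when given, allow digits, spaces, +, -, parentheses, 7 to 20 chars.
    $phone = trim((string)($input['phone'] ?? ''));
    if ($phone !== '' && !preg_match('/^\+?[0-9 ()-]{7,20}$/', $phone)) {
        $errors['phone'] = 'Enter a valid phone number.';
    }

    // Minimum length in characters; maximum in bytes, because bcrypt (password_hash's
    // default) only uses the first 72 bytes of the input.
    $password = (string)($input['password'] ?? '');
    if (mb_strlen($password) < 12 || strlen($password) > 72) {
        $errors['password'] = 'Password must be 12 to 72 characters.';
    }

    return $errors;
}

// Constructed sample submissions.
$bad  = ['email' => 'not-an-email', 'full_name' => '', 'phone' => 'abc', 'password' => 'short'];
$good = ['email' => 'ana@example.com', 'full_name' => 'Ana Pérez',
         'phone' => '+34 600 123 456', 'password' => 'correct horse battery'];

var_dump(validate_registration($bad));   // four entries: email, full_name, phone, password
var_dump(validate_registration($good));  // array(0) {}
```

Only data that passes this function should reach the database or the hashing step; the browser-side checks exist to give the user quick feedback, not to make decisions.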
Prefixes on Database
Fourth, in WordPress, as in other frameworks, we use prefixes on our database tables. This is not a whim of the WordPress developers; it is an added layer of security for our page or app. Someone guessing table names would usually think of users, passwords, emails, etc.; not WFR_users, for example.
4 – Prefixes to tables in databases
Encryption
Finally, some data is too sensitive to be kept in plain text in the database, for example passwords, emails, ID numbers, etc. This data should at least be encrypted.
5 – Encryption of sensitive data
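An added PHP example (not from the original article) of storing the fields just listed. One caveat for practitioners: a password is hashed, not encrypted, so that nobody, the site included, can recover it; fields that must be read back, such as an email or ID number, are encrypted with authenticated encryption from the sodium extension (PHP 7.2 or later). The key is read from an environment variable named APP_DATA_KEY (an assumed name), the same approach the article recommends for database credentials, rather than being written into the code.

```php
<?php
// Added example: one-way hashing for passwords, reversible authenticated encryption
// for other sensitive fields. Requires the sodium extension (bundled since PHP 7.2).
declare(strict_types=1);

// --- passwords: hash, never encrypt ---
function hash_password(string $plain): string
{
    return password_hash($plain, PASSWORD_DEFAULT);   // bcrypt today, with a random salt
}

function verify_password(string $plain, string $stored): bool
{
    return password_verify($plain, $stored);
}

// --- reversible fields: XSalsa20-Poly1305 via sodium_crypto_secretbox ---
function load_data_key(): string
{
    $hex = getenv('APP_DATA_KEY');                    // assumed variable name
    if ($hex === false || strlen($hex) !== 2 * SODIUM_CRYPTO_SECRETBOX_KEYBYTES) {
        throw new RuntimeException('APP_DATA_KEY missing or of wrong length');
    }
    return sodium_hex2bin($hex);
}

function encrypt_field(string $plain, string $key): string
{
    $nonce  = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);  // fresh nonce per value
    $cipher = sodium_crypto_secretbox($plain, $nonce, $key);
    return base64_encode($nonce . $cipher);            // nonce travels with the ciphertext
}

function decrypt_field(string $stored, string $key): string
{
    $raw = base64_decode($stored, true);
    $min = SODIUM_CRYPTO_SECRETBOX_NONCEBYTES + SODIUM_CRYPTO_SECRETBOX_MACBYTES;
    if ($raw === false || strlen($raw) < $min) {
        throw new RuntimeException('Malformed ciphertext');
    }
    $nonce  = substr($raw, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $cipher = substr($raw, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $plain  = sodium_crypto_secretbox_open($cipher, $nonce, $key);
    if ($plain === false) {
        throw new RuntimeException('Decryption failed: wrong key or tampered data');
    }
    return $plain;
}

// --- demo with a key generated on the spot (in production, generate it once,
//     store it in the secrets manager or environment, never in the repository) ---
putenv('APP_DATA_KEY=' . sodium_bin2hex(sodium_crypto_secretbox_keygen()));
$key = load_data_key();

$hash = hash_password('correct horse battery');
var_dump(verify_password('correct horse battery', $hash));   // bool(true)
var_dump(verify_password('wrong guess', $hash));             // bool(false)

$enc = encrypt_field('ana@example.com', $key);
var_dump(decrypt_field($enc, $key) === 'ana@example.com');   // bool(true)
```

Because each value gets its own nonce, two users with the same email produce different ciphertexts, so an encrypted column cannot be searched with a plain equality query; if you need to look users up by email, keep a separate keyed hash (for example an HMAC of the normalised address) as the lookup index.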
More measures to consider for user data security
Utilize a secure connection: Use an HTTPS connection to encrypt communication between your PHP application and the database.
Store database credentials securely: Do not save them directly in your PHP code. You can use an external configuration file or a secrets manager to store them securely.
Content Security Policy (CSP)
Protection against brute force attacks
You can learn how to protect yourself against this attack in the post about fail2ban: Brute force attacks on servers (Linux).