If I have a script I want to be able to run at a moment's notice and have it on the public side of the server on https, and as long as I keep my own personal cache from prying eyes, is that as secure as a 'behind the public' script in which I would have to log in with a username and password to instantiate?
For example, consider these two methods:
1) I log in with username: xxxxxxxx, password: yyyyyyyy (say with ssl or cpanel and then trigger the script)
2) I simply run this path from my iphone, https://www.iamsilly.com/xxxxxxxx/yyyyyyyy/myscript.php
Eliminating the possibility that someone might pick up my iPhone and look in my history, is there any practical difference between the level of security between these two systems of security? Is the complexity not exactly the same? Is https not encrypted enough to make the https complexity just as safe as logging in?
Thanks, I apologize if this topic has been talked to death, but after reading oodles of posts about it, I still don't quite get it!
EDIT: Keep in mind that the path with an 8x8 randomized double directory has 7 quintillion (seven billion billion billion) combinations, and that's only if I were to use alpha and numeric characters.
You're saying "I don't need to lock my front door if it's not visible from the street, right?"
You're assuming you know how a given intruder will find his way to your site. You don't.
You're assuming that a single human being is trying to get into your site. It probably will not be a human, and it probably won't be just one. Intrusion attempts scale up very well.
I put my seat belt on in the car no matter where I'm going, even if I'm literally driving a quarter mile away. It's safer and I don't waste brain time wondering if I need to. Put the password on your app and don't waste your time trying to figure out if it's worth it or not.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With