joined:May 3, 2011
I am working on my first website as such and was looking into encryption of stuff like username, password etc. There is a number of functions in php or other languages that can help me out here, like md5 or sha encryption with salt, etc..
What I was wondering about is how any of these is going to actually secure information sent from the browser to the web server. I really do not have a deep understanding of these, but here's how I get it: These encryption methods help in the situation when the database I'm storing the sensitive info in is compromised. What I'm interested in is how in the name of the lord do they guard against someone sniffing my packets while I'm logging in? I guess nohow.. So how do I secure a login or registration page?
Finally,I was looking into SSL certificates, but I still don't know how to implement a webpage using https. Does my webhost need to configure their server so my site can use ssl? Does anything need to be configured client-side? Basically I'm looking for a dummies manual for setting up an ssl connection which I haven't found anywhere so far. Anybody any ideas?