Send Call Values to URL - POST instead of GET

Send Call Values to URL - POST instead of GET

Postby butwhyowhy » Thu Feb 16, 2012 8:27 am

I need a secure way to send variables, and using the GET method, which "Send Call Values to URL" uses, is very insecure. Since it simply adds to the URL, all the information is stored in the server logs.

If, say, you wanted your customer to enter their credit card number into the system, there is no way to securely process this...?? Even if I just wanted them to type their account number and PIN, there is no secure way to do this unless I am missing something...??

Thanks,
Michael
butwhyowhy
Newsterisk
 
Posts: 4
Joined: Thu Feb 16, 2012 8:24 am

Re: Send Call Values to URL - POST instead of GET

Postby dpodolsky » Thu Mar 01, 2012 10:56 am

Sending information using a GET method and HTTPS is secure. HTTPS establishes an underlying SSL connection before ANY HTTP data is transferred. This ensures all data (post body or URL data) is transferred within its encrypted connection and is protected. If you are not using HTTPS, then GET and POST are both insecure methods to send information.

So you don't have to worry about the HTTPS transfer, but you should evaluate all paths along the route if you want to collect credit card information over the phone. If your incoming calls are coming over an analog phone line, then a pair of alligator clips attached outside your building to the line will be able to read the DTMF tones and collect information that way.

Hope this helps.
dpodolsky
Oldsterisk
 
Posts: 325
Joined: Thu Apr 23, 2009 2:35 pm

Re: Send Call Values to URL - POST instead of GET

Postby butwhyowhy » Fri Mar 02, 2012 8:50 am

Thanks for the reply, dpodolsky.

The reason GET is not secure is because the URL itself is stored in the server log. Even though it is HTTPS and everything, including the URL, is sent encrypted, the entire URL, including variables, etc., gets stored in the server log, which makes this extremely unsecured. Is there another way to send or access the variables?

Thanks
butwhyowhy
Newsterisk
 
Posts: 4
Joined: Thu Feb 16, 2012 8:24 am

Re: Send Call Values to URL - POST instead of GET

Postby dpodolsky » Fri Mar 02, 2012 10:20 am

I understand your problem and you have pointed out why it is important to evaluate all the paths along a secure transaction.

"The reason GET is not secure is because the URL itself is stored in the server log"

To be clear, GET over HTTPS IS secure. The problem along your path isn't with the communication mechanism; the insecure part is how your HTTPS server decides to store the URLs in its logs. There isn't a way to send POST variables with Switchvox, so I would look into how you can change the log levels on your HTTPS server to be more secure. This may be a quick Google search, or if you post the web server you are using, someone on this board might have some insight into how to do this.

I have entered your feature request to have the preference to send POST variables with the Switchvox product.
dpodolsky
Oldsterisk
 
Posts: 325
Joined: Thu Apr 23, 2009 2:35 pm

Re: Send Call Values to URL - POST instead of GET

Postby butwhyowhy » Mon Mar 12, 2012 10:52 am

Thanks again for the reply.

I host at hostgator.com - I am not attached to them and would switch if I felt it would solve my problem, but as far as I know any shared hosting environment, or really any hosting environment, has standard server logs in which this information is kept unencrypted. Please tell me if I am wrong.

Thanks again,
Michael
butwhyowhy
Newsterisk
 
Posts: 4
Joined: Thu Feb 16, 2012 8:24 am

Re: Send Call Values to URL - POST instead of GET

Postby dpodolsky » Mon Mar 12, 2012 11:15 am

This all depends on what you bought. With the hosting plans I am familiar with, the customer usually rents a dedicated server or virtual slice and then installs what they want. If it's your server or your slice, then you can control the output format for your transfer logs. Most servers come with Apache installed, and by default Apache will output the first line of the HTTP request (%r) to the logs, and the first line usually includes the full GET request. But this is easy to change. Just take the %r out of the LogFormat directive in your httpd.conf. Done. More info about Apache logs here:
http://httpd.apache.org/docs/2.0/mod/mod_log_config.html#formats

If you aren't running Apache, then check the google-machine for ways to configure the logging format.
dpodolsky
Oldsterisk
 
Posts: 325
Joined: Thu Apr 23, 2009 2:35 pm
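
Added example, not part of dpodolsky's post and not taken from the Switchvox or hosting provider's configuration: the LogFormat change described in the post above, showing the default common format beside a variant that keeps the method and path but drops the query string. The format nickname common_noquery, the log path, and the sample URL in the comment are assumptions.

```apache
# httpd.conf (requires mod_log_config)

# BEFORE: the default "common" format. %r is the first line of the request,
# so a GET such as /ivr.aspx?account=1234&pin=0000 (constructed sample)
# is written to the access log with every call value in clear text.
LogFormat "%h %l %u %t \"%r\" %>s %b" common

# AFTER: rebuild the request line from its parts instead of using %r.
#   %m = request method
#   %U = URL path requested, NOT including the query string
#   %H = request protocol
# The query string (%q) is deliberately left out.
LogFormat "%h %l %u %t \"%m %U %H\" %>s %b" common_noquery

# Point the access log at the query-free format (path is a placeholder).
CustomLog "logs/access_log" common_noquery
```

Any other CustomLog directive, for example one inside a VirtualHost block, that still references a format containing %r or %q keeps recording the query string, so each one needs the same change.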

Re: Send Call Values to URL - POST instead of GET

Postby butwhyowhy » Mon Mar 19, 2012 2:47 pm

Not sure why I never knew there was an option to remove certain parameters from the logs. I use ASPX and it appears to be even easier to remove or add variables to the logs.

Thanks!
butwhyowhy
Newsterisk
 
Posts: 4
Joined: Thu Feb 16, 2012 8:24 am

