Man-in-the-middle

A 'Man-in-the-middle' attack is when a third party controls the connection between two parties. A user thinks they are making a request directly to a server. The server thinks it is responding directly to the client. But all requests are routed through the attacker's machine, where the attacker can alter or log the request data.

The attacker has to relay the requests without malforming them; otherwise the server or client cannot process them.

Forms of attack

Public networks

Attackers can insert themselves as a man-in-the-middle on public WiFi networks. Public locations like cafes or airports often have unprotected networks.

The attacker has to be near the victim to intercept the traffic. This attack vector only works when the data is not encrypted.

Mitigating and preventing attacks

HTTPS

Man-in-the-middle attacks are conducted on unencrypted networks. Encrypting the connection with an SSL/TLS certificate is a simple way to secure sites. All sites that accept sensitive user data should use HTTPS. Browsers are starting to restrict features on, or show warnings for, sites served over an insecure connection.
