Published News » Security



Recently word has spread about the WordPress password reset exploit. Any version of WordPress from version 2.8.3 down is vulnerable. The exploit will allow anyone to reset the admin password of a WordPress-powered blog by simply adding parameters in the URL's query string.
Posted by girish.r 1585 days ago (http://css.dzone.com)
Tagged: wordpress admin exploit

There was a recent question about a PHP security checklist on a forum I frequent, and I’ve decided to write my own comprehensive checklist to fill the void. There’s something for everyone but the security expert. In fact, you might find an issue that you never thought about.
Posted by girish.r 1593 days ago (http://www.sk89q.com)
Tagged: security checklist

Pete LePage works as a PM on the Internet Explorer team working with developer security. He stopped by the studio today to give us some tips as surfers, as well as a few tips for developers, on some of the things that can help prevent security threats. In 2008 a study showed that about 70% of attacks on web sites were from cross-site scripting. Pete goes through three security topics that every d
Posted by girish.r 1623 days ago (http://channel9.msdn.com)
Tagged: explorer 8 security browser

I got asked to review a fairly large piece of PHP code recently and, whoooo boy, was I in for a treat (treat as in clawing my eyes out with a rusty spoon while listening to Nickelback, as interpreted by Dr Zoidberg. In reverse). No cup of heavenly blessed Kopi Luwak coffee, poured into a cup of golden banana leaves by naked triplets could counter the massive damage done to my corneas or, for that
Posted by girish.r 1624 days ago (http://pronewb.com)
Tagged: security tips

In our previous post “Writing secure codes in PHP” we discussed the most basic tips on creating secure PHP applications. Here we provide more insight into one of the threats discussed.
Posted by girish.r 1628 days ago (http://www.omkarslab.co.cc)
Tagged: sql injections

It may considerably reduce XSS attack possibilities if not completely eradicate them. XSS, or Cross Site Scripting, is probably the most common security problem in web applications that engage in heavy user input. If you’ve ever tried to build a web application where users can input data in a lot of different venues, chances are it has a security hole somewhere that allows XSS attacks. Don’t panic
Posted by girish.r 1631 days ago (http://www.kavoir.com)
Tagged: setcookie xss cookies

WordPress 2.9.2 is the latest version, released with the simple aim of improving its flexibility and security. If you have untrusted authors logging into your blog, which may lead to your articles being trashed, you are recommended to use the latest WordPress 2.9.2.
Posted by girish.r 1632 days ago (http://graphicalerts.com)
Tagged: security plugins wordpress

A lot of tweets today informed me about the launch of Damn Vulnerable Web App (DVWA), which is basically an aid for security professionals to test their skills and tools and to help web developers better understand the processes of securing web applications.

I had an old list of tools/plug-ins/utilities etc. which can be helpful while playing with DVWA and I'd like to share the same for you to learn We
Posted by girish.r 1633 days ago (http://blog.rohit11.com)
Tagged: webapp security

Everyone who cares about security will remember the Debian OpenSSL disaster in 2008. The Debian developers had patched their version of OpenSSL to fix compiler warnings. This resulted in a broken random number generator that made all keys generated by Debian systems predictable. One would think that Debian developers are more careful with patching “bugs” in security tools since that day.
Posted by girish.r 1636 days ago (http://www.suspekt.org)
Tagged: debian suhosin

During the era of a rapidly growing Internet market, security has to be one of the prime concerns of a web developer. Today the content online includes something more than plain text. Personal details, bank transactions, socialising details are a few of the many things stored on the Internet by users who blindly trust service providers for securing it. As a beginner in any web-development area, a q
Posted by girish.r 1640 days ago (http://omkarslab.co.cc)
Tagged: attack hack injection sql xss

If you were a sysadmin a few years ago, and you had PHP on your servers, you're probably already familiar with c99. In case you haven't had the personal | Eric Lamb
Posted by girish.r 1642 days ago (http://blog.ericlamb.net)
Tagged: c99 remote file inclusion

When you’re developing applications or a website using MySQL, there are a few tips you can follow to enhance the security of your database. When you create a database and use PHP to code your applications you’re automatically faced with hash security risks that can hinder what you’ve worked hard to develop. Below, we’re going to touch base on a few Vital MySQL Development Security Tips that will
Posted by girish.r 1646 days ago (http://grindsmart.com)
Tagged: mysql security tips

Every version comes with improvements, but until we get a completely secure WordPress version we have to find ways to improve the security ourselves. Here are 10 great ways to improve the security of your WordPress powered website.
Posted by girish.r 1654 days ago (http://wpcanyon.com)
Tagged: wordpress

If your web server’s access permissions are wrong, it will be easier for somebody to take control of your server. So, the next 3 pieces of advice are on how to fix your access rights:
Posted by girish.r 1662 days ago (http://www.devtheweb.net)
Tagged: security get_magic_quotes_g magic_quotes

As the Web continues its march towards becoming the de facto interface for the world's software applications, developers must find effective ways to not only communicate with server processes such as MySQL, but also other operating system tools such as a shell or Ruby script. In this tutorial, I'll show you how to securely execute a variety of system-based commands via a PHP script, demonstrating
Posted by girish.r 1665 days ago (http://www.phpbuilder.com)
Tagged: security mitigate