Published News » Security
There is a new article about a popular PHP e-commerce application, OpenCart, which is vulnerable to CSRF attacks, but the creator isn't acknowledging the problem. The article highlights the problem with inexperienced developers and how easy it is for a developer to create web applications but put thousands of businesses at risk. The PHP community is asked how an issue like this could be ha
Here is the first post of the PHP Best Practices Series. We’ll begin with (in my opinion) the most important aspect of web development – security.
If you write code, this book deserves a place on your bookshelf. It clearly demonstrates the sin, but shows how to find it and fix it (in several different languages: C, C++, Perl, PHP, etc.). It may not cover every possible sin, but as the authors say, if you do everything in this book you are doing pretty well.
Being an efficient developer often means abstracting functionality such that a single function can be applied to a variety of uses across an application. Even as this decreases the risk of errors, the time to develop, and the attack surface necessary to secure the application, it also makes implementing security more difficult.
Here is a simple script that will show you what IP addresses are making how many requests to your server.
XSS is Cross Site Scripting. If you don't know how XSS (Cross Site Scripting) works, this page probably won't help you. This page is for people who already understand the basics of XSS attacks but want a deep understanding of the nuances regarding filter evasion. This page will also not show you how to mitigate XSS vectors or how to write the actual cookie/credential stealing/replay/session rid
SQL injection is a serious concern for webmasters, as an experienced attacker can use this hacking technique to gain access to sensitive data and/or potentially cripple your database. Are you safe?
If you're having problems with server load due to a high volume of traffic, you can try getting fast, cheap web hosting for your sites. Although web hosting is part of the solution, you also need to consider other bandwidth-heavy website applications.