Whether you are an ISP hosting thousands of sites, or just someone with a fast DSL line and a fixed IP address wanting to let their friends store their web sites locally, securing your server against malicious use of PHP should be a top priority.
Copyright ©2015 Paul Hudson.