Pro PHP security from application security principles to the implementation of XSS defenses
Provides information on securing PHP applications, covering such topics as SQL injection, XSS, remote execution, temporary files, REST services, CAPTCHAs, identity verification, and versioning
Main Author: | |
---|---|
Other Authors: | , |
Format: | eBook |
Language: | English |
Published: |
[Berkeley, Calif.]
Apress
2010
|
Edition: | 2nd ed |
Series: | The expert's voice in open source
|
Subjects: | |
Online Access: | |
Collection: | O'Reilly - Collection details see MPG.ReNa |
Table of Contents:
- Why is secure programming a concern?
- Validating and sanitizing user input
- Preventing SQL injection
- Preventing cross-site scripting
- Preventing remote execution
- Enforcing security for temporary files
- Preventing session hijacking
- Securing REST services
- Using CAPTCHAs
- User authentication, authorization, and logging
- Preventing data loss
- Safe execution of system and remote procedure calls
- Securing Unix
- Securing your database
- Using encryption
- Securing network connections : SSL and SSH
- Final recommendations