PHP Security Guide
The PHP Security Guide is the flagship project of the PHP Security Consortium. This guide offers detailed information pertaining to a number of common security concerns for all PHP developers.
What Is Security?
It is unfortunate that many software projects list security as a simple requirement to be met. Is it secure? This question is as subjective as asking if something is hot.
- Security is a measurement, not a characteristic.
It is easy and relatively inexpensive to provide a sufficient level of security for most applications. However, if your security needs are very demanding, because you’re protecting information that is very valuable, then you must achieve a higher level of security at an increased cost. This expense must be included in the budget of the project.
- Security must be balanced with expense.
It is not uncommon that steps taken to increase the security of a web application also decrease the usability. Passwords, session timeouts, and access control all create obstacles for a legitimate user. Sometimes these are necessary to provide adequate security, but there isn’t one solution that is appropriate for every application. It is wise to be mindful of your legitimate users as you implement security measures.
- Security must be balanced with usability.
If you do not design your application with security in mind, you are doomed to be constantly addressing new security vulnerabilities. Careful programming cannot make up for a poor design.
- Security must be part of the design.
Table of Contents
- Overview
- Form Processing
- Databases and SQL
- Sessions
- Shared Hosts