What s Inside


What's Inside

The book is organized into chapters that address specific topics related to PHP development. Each chapter is further divided into sections that cover the most common attacks related to a particular topic, and you are shown both how the attacks are initiated and how to protect your applications from them.


Chapter 1, Introduction

Gives an overview of security principles and best practices. This chapter provides the foundation for the rest of the book.


Chapter 2, Forms and URLs

Covers form processing and attacks such as cross-site scripting and cross-site request forgeries.


Chapter 3, Databases and SQL

Focuses on using databases and attacks such as SQL injection.


Chapter 4, Sessions and Cookies

Explains PHP's session support and shows you how to protect your applications from attacks such as session fixation and session hijacking.


Chapter 5, Includes

Covers the risks associated with the use of includes, such as backdoor URLs and code injection.


Chapter 6, Files and Commands

Discusses attacks such as filesystem traversal and command injection.


Chapter 7, Authentication and Authorization

Helps you create secure authentication and authorization mechanisms and protect your applications from things like brute force attacks and replay attacks.


Chapter 8, Shared Hosting

Explains the inherent risks associated with a shared hosting environment. You are shown how to avoid the exposure of your source code and session data, as well as how to protect your applications from attracks such as session injection.


Appendix A, Configuration Directives

Provides a short and focused list of configuration directives that deserve particular attention.


Appendix B, Functions

Offers a brief list of functions with which you should be concerned.


Appendix C, Cryptography

Focuses on symmetric cryptography and shows you how to safely store passwords and encrypt data in a database or session data store.




Essential PHP Security
Essential PHP Security
ISBN: 059600656X
EAN: 2147483647
Year: 2005
Pages: 110

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net