Pro PHP Security

Pro PHP Security guides developers through many of the defensive and proactive security measures that can be taken to help prevent attackers from potentially disrupting site operation or destroying data. Moreover, this book covers a wide swath of security measures, showing readers how to create and deploy captchas, validate email, fend off SQL injection attacks, prevent cross-site scripting attempts, and more.

One of the first books devoted solely to PHP security Covers a wide swath of both defensive and proactive security measures, showing readers how to create captchas, validate email, fend off SQL injection attacks, and more Methods discussed are compatible with PHP 3, 4, and 5

Autorentext

Chris Snyder is a software engineer at the Fund for the City of New York, where he helps develop next-generation websites and services for nonprofit organizations. He is a member of the executive board of New York PHP, and has been looking for new ways to build scriptable, linked, multimedia content since he saw his first Hypercard stack in 1988.

Inhalt
The Importance of Security.- Why Is Secure Programming a Concern?.- Maintaining a Secure Environment.- Dealing with Shared Hosts.- Maintaining Separate Development and Production Environments.- Keeping Software Up to Date.- Using Encryption I: Theory.- Using Encryption II: Practice.- Securing Network Connections I: SSL.- Securing Network Connections II: SSH.- Controlling Access I: Authentication.- Controlling Access II: Permissions and Restrictions.- Practicing Secure PHP Programming.- Validating User Input.- Preventing SQL Injection.- Preventing Cross-Site Scripting.- Preventing Remote Execution.- Enforcing Security for Temporary Files.- Preventing Session Hijacking.- Practicing Secure Operations.- Allowing Only Human Users.- Verifying Your Users' Identities.- Using Roles to Authorize Actions.- Adding Accountability to Track Your Users.- Preventing Data Loss.- Safely Executing System Commands.- Handling Remote Procedure Calls Safely.- Taking Advantage of Peer Review.