Pro PHP Security is one of the first books devoted solely to PHP security. It will serve as your complete guide for taking defensive and proactive security measures within your PHP applications. (And the methods discussed are compatible with PHP versions 3, 4, and 5.) The knowledge you'll gain from this comprehensive guide will help you prevent attackers from potentially disrupting site operation or destroying data. And you'll learn about various security measures, for example, creating and deploying "captchas," validating e-mail, fending off SQL injection attacks, and preventing cross-site scripting attempts.
Author: Chris Snyder
Author: Michael Southwell
Publisher: Apress
Customer Reviews
-
Finally a good book on PHP security issues
PHP applications written without a concern for security risk cross-site scripting, SQL injection, session hijacking, and a multitude of other potential problems. This book examines how to setup a secure environment including encryption, hashing, SSL and using PHP to connect to SSL servers. The authors also examine how to install and configure OpenSSH and using it with PHP applications. Of course they also deal with the usual concerns of user authentication, permissions, restrictions, validating input, preventing SQL injection, preventing cross-site scripting, preventing remote execution (including PHP code injection and embedding), security for temporary files, and preventing session hijacking. The Pro PHP Security is written specifically for PHP programmers working in the Apache, MySQL, and PHP 5 environment and is highly recommended
|
