Any input?

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

CaliberWebMedia
Forum Newbie
Posts: 4
Joined: Thu Nov 17, 2011 11:01 pm

Post by CaliberWebMedia »

Security Precautions
Overview
I’ve been working on a web content management system and I’m wondering if my security precautions are enough or if I’m forgetting anything?
Login
- form token and another token with user-agent stored in it for good measure?
- One-way encrypted passwords, password strength tester, user names follow a specific format
- SQL injection
- All incoming data is sanitized
- Form spoofing has been prevented
Sessions
- Sessions are registered based on privileges
- Sessions and user-agent are checked for every page action and changed
- Sessions are registered with unique variables such as $_SESSION['1234d0n1y'];
- Sessions timeout after 15 minutes with my own script, also they are set to timeout after 30 minutes
- Sessions are stored in a directory with only this site
CRUD
- All users have privileges
- All forms have a token
- All forms check the data posted versus an array of expected data
- All data is sanitized
- SQL injection has been prevented
- Should I prompt for a password when a user updates sensitive data or deletes sensitive data?
Other
- All include files are in a password protected directory
- All errors are logged and reported to me
- Pretty much everything is monitored
- Program does not store any sensitive data, however if it were to be hacked malicious users could delete all data
- All data that is posted is checked to see that it is the data it should be, data, integer, string, etc.
- Some special characters are blocked… unless using WYSIWYG editor.
- All file uploads only allow specific file types, not sure about something like… image.php.jpg or vice versa?
- Anything I’m forgetting?
social_experiment
DevNet Master
Posts: 2793
Joined: Sun Feb 15, 2009 11:08 am
Location: .za

Re: Any input?

Post by social_experiment »

CaliberWebMedia wrote: Login
One-way encrypted passwords, password strength tester, user names follow a specific format
Salts. Use a salt (and pepper) to create your password hashes.
CaliberWebMedia wrote: Should I prompt for a password when a user updates sensitive data or deletes sensitive data?
It couldn't hurt but I would limit this to administrators / super-users. If I was a user having to continually enter my password before I could delete something I would quit using the software.
CaliberWebMedia wrote: Anything I’m forgetting?
You don't mention specifics about the system itself but it's a good idea to only give a user the permissions they need on the SQL server. So if your normal users can only SELECT, UPDATE, DELETE it wouldn't be such a good idea to have the password / username combination they use have GRANT, DROP permissions.
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” - Mosher’s Law of Software Engineering
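
The salt-and-pepper advice in the reply above, as an added example that is not part of either post: the per-user salt comes from PHP's password_hash(), and the pepper is applied as an HMAC key before hashing. Assumptions: PHP 7 or later; the APP_PEPPER environment variable and the function names pepper(), peppered(), hash_password() and verify_password() are hypothetical.

```php
<?php
// Added example. APP_PEPPER and all function names here are hypothetical.

// The pepper is one site-wide secret kept outside the database, so a dump
// of the users table alone is not enough to start guessing passwords.
function pepper(): string
{
    $p = getenv('APP_PEPPER');
    // Constructed fallback so the demo runs; a real deployment should fail
    // closed when the secret is missing instead of using a default.
    return ($p !== false && $p !== '') ? $p : 'constructed-demo-pepper';
}

// Apply the pepper as an HMAC key. Hex output is 64 ASCII characters, which
// stays under bcrypt's 72-byte input limit and cannot contain NUL bytes.
function peppered(string $password): string
{
    return hash_hmac('sha256', $password, pepper());
}

// password_hash() generates a fresh random salt on every call and embeds it
// in the returned string, so no separate salt column is needed.
function hash_password(string $password): string
{
    return password_hash(peppered($password), PASSWORD_DEFAULT);
}

// password_verify() reads the salt and cost back out of the stored string
// and compares in constant time.
function verify_password(string $password, string $stored): bool
{
    return password_verify(peppered($password), $stored);
}

// Demo with a constructed password.
$first  = hash_password('constructed-Example-pass-1');
$second = hash_password('constructed-Example-pass-1');

var_dump($first !== $second);                                     // same password, different salt each time
var_dump(verify_password('constructed-Example-pass-1', $first));  // correct password
var_dump(verify_password('wrong-guess', $first));                 // wrong password
var_dump(password_needs_rehash($first, PASSWORD_DEFAULT));        // upgrade check to run at login
```

Changing the pepper invalidates every stored hash, so rotation needs a stored pepper version per user or a forced password reset.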