New at PHP Security
Posted: Mon Oct 16, 2006 8:47 pm
Hey guys,
I need some advise...
I have bee given a chance to tender for a really big project that involves building user input applications (forums, registrations), multi-lingual, and also secure download.
The tender also has requirements regarding security with the emphasis on te following vunerabilities:-
In particular, the website should not be vulnerable to the following attacks:
Thanks..
Kendall
I need some advise...
I have bee given a chance to tender for a really big project that involves building user input applications (forums, registrations), multi-lingual, and also secure download.
The tender also has requirements regarding security with the emphasis on te following vunerabilities:-
In particular, the website should not be vulnerable to the following attacks:
I admit...i am one that has not used best practices when developing my php apps ( alot of $_GETTING) not big on internal error_handling. So now i need to learn some tricks... I am purusing this part of the forum index as we speak...Can someone like...briefly give me some common basics on security when developing code to prevent such exploits stated given that the ascope of development entails what i had stated about the projects scope of work• Parameter injection
• Command Execution
• SQL Injection
• Cross-site scripting
• Path Manipulation
• Application mapping
• Certificate analysis
• Absolute Path Detection
• Brute Force Authentication attacks
• Directory Traversal
• Buffer Overflows
• Path Truncation
• Character Stripping
• Crawling
• Directory Enumeration
• Sensitive Developer Comments
• Error Message Identification
• Parameter Addition
• Character Encoding
Thanks..
Kendall