PHP Security for Dummies

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
soccio97
Forum Newbie
Posts: 12
Joined: Wed Nov 12, 2008 10:59 am
Location: Sumter, SC
Contact:

PHP Security for Dummies

Post by soccio97 »

I purchased 94 ready made websites with Google, Amazon and eBay. It's kind of a hobby since I don't make enopugh to call it a business. Basically I have two domains (http://www.MyStudentLoanNow.com and http://www.TellMeAboutThat.com). TellMeAboutThat.com has 94 Sub-Domains.

TellMeAboutThat.com has been hacked twice in the last month. The first time they also got three (3) of the sub-domains and the last time one (at least that I've found). HostGator says it is a scripting problem and said I should get with the authors for updates. The problem is that I won the sites at eBay auctions and don't know who wrote them.

Although I've learned a lot, through trial and error, to help me improve and make changes to the site, I really know nothing about writing scripts or programming. I'm just a regular guy trying to make some change on the side and cannot afford $2,000 for the security programs offered online.

Can someone give me some basic PHP code for dummies and tell me where it goes so that I can protect my sites. The hackers really can't get anything as the sites are really informational and I do not collect visitors credit card, PayPal or other credit info. It's really just annoying and time consuming to fix.

Please help!!
User avatar
Eran
DevNet Master
Posts: 3549
Joined: Fri Jan 18, 2008 12:36 am
Location: Israel, ME

Re: PHP Security for Dummies

Post by Eran »

This thread should get you started - viewtopic.php?f=6&t=92167
soccio97
Forum Newbie
Posts: 12
Joined: Wed Nov 12, 2008 10:59 am
Location: Sumter, SC
Contact:

Re: PHP Security for Dummies

Post by soccio97 »

Thank you!! There's a lot of good information there and obviously a lot I have to learn.
aschlosberg
Forum Newbie
Posts: 24
Joined: Fri Jan 23, 2009 10:17 pm

Re: PHP Security for Dummies

Post by aschlosberg »

I'd recommend Chris Shiflett's site and book:

http://shiflett.org/

The book is short and easy to understand yet very comprehensive. Security is not particularly difficult, it's a matter of the right frame of mind and knowing how to approach problems which Chris explains very well.
User avatar
kaisellgren
DevNet Resident
Posts: 1675
Joined: Sat Jan 07, 2006 5:52 am
Location: Lahti, Finland.

Re: PHP Security for Dummies

Post by kaisellgren »

I will be constantly updating my blog: http://phptalk.net

It's almost like php.net, but add word "talk" into it. :)
Post Reply