What's Inside
The book is organized into chapters that address specific topics related to PHP development. Each chapter is further divided into sections that cover the most common attacks related to a particular topic, and you are shown both how the attacks are initiated and how to protect your applications from them.
Chapter 1, Introduction
Gives an overview of security principles and best practices. This chapter provides the foundation for the rest of the book.
Chapter 2, Forms and URLs
Covers form processing and attacks such as cross-site scripting and cross-site request forgeries.
Chapter 3, Databases and SQL
Focuses on using databases and attacks such as SQL injection.
Chapter 4, Sessions and Cookies
Explains PHP's session support and shows you how to protect your applications from attacks such as session fixation and session hijacking.
Chapter 5, Includes
Covers the risks associated with the use of includes, such as backdoor URLs and code injection.
Chapter 6, Files and Commands
Discusses attacks such as filesystem traversal and command injection.
Chapter 7, Authentication and Authorization
Helps you create secure authentication and authorization mechanisms and protect your applications from things like brute force attacks and replay attacks.
Chapter 8, Shared Hosting
Explains the inherent risks associated with a shared hosting environment. You are shown how to avoid the exposure of your source code and session data, as well as how to protect your applications from attracks such as session injection.
Appendix A, Configuration Directives
Provides a short and focused list of configuration directives that deserve particular attention.
Appendix B, Functions
Offers a brief list of functions with which you should be concerned.
Appendix C, Cryptography
Focuses on symmetric cryptography and shows you how to safely store passwords and encrypt data in a database or session data store.
Sai Gopal Wordpress Blog
Saigopal's website
My Daughter Website
Palwow
No comments:
Post a Comment