Pro PHP Security
From Application Security Principles to the Implementation of XSS Defenses
2nd Edition
Published on 10. December 2010
Book
Paperback/Softback
XVIII, 368 pages
978-1-4302-3318-3 (ISBN)
Description
PHP security, just like PHP itself, has advanced. Updated for PHP 5.3, the second edition of this authoritative PHP security book covers foundational PHP security topics like SQL injection, XSS, user authentication, and secure PHP development. Chris Snyder and Tom Myer also delve into recent developments like mobile security, the impact of JavaScript, and the advantages of recent PHP hardening efforts.
Pro PHP Security, Second Edition will serve as your complete guide for taking defensive and proactive security measures within your PHP applications. Beginners in secure programming will find a lot of material on secure PHP development, the basics of encryption, secure protocols, as well as how to reconcile the demands of server-side and web application security.
More details
Edition
2nd ed.
Language
English
Place of publication
Berkeley
United States
Target group
Popular/general
Edition type
Revised edition
Product notice
Paperback (trade)
Unsewn / adhesive bound
Illustrations
XVIII, 368 p.
Dimensions
Height: 234 mm
Width: 194 mm
Thickness: 20 mm
Weight
644 gr
ISBN-13
978-1-4302-3318-3 (9781430233183)
DOI
10.1007/978-1-4302-3319-0
Schweitzer Classification
Other editions
Additional editions
Chris Snyder | Thomas Myer | Michael Southwell
Pro PHP Security
From Application Security Principles to the Implementation of XSS Defenses
E-Book
07/2011
2nd Edition
APress
€79.99
Available for download
Persons
Chris Snyder is a software engineer at the Fund for the City of New York, where he helps develop next-generation websites and services for nonprofit organizations. He is a member of the executive board of New York PHP, and has been looking for new ways to build scriptable, linked, multimedia content since he saw his first Hypercard stack in 1988.
Content
The Importance of Security.- Why Is Secure Programming a Concern?.- Practicing Secure PHP Programming.- Validating and Sanitizing User Input.- Preventing SQL Injection.- Preventing Cross-Site Scripting.- Preventing Remote Execution.- Enforcing Security for Temporary Files.- Preventing Session Hijacking.- Securing REST Services.- Practicing Secure Operations.- Using CAPTCHAs.- User Authentication, Authorization, and Logging.- Preventing Data Loss.- Safe Execution of System and Remote Procedure Calls.- Creating a Safe Environment.- Securing Unix.- Securing Your Database.- Using Encryption.- Securing Network Connections: SSL and SSH.- Final Recommendations.