Securing PHP web applications /

Ballad, Tricia,

Securing PHP web applications / Tricia Ballad, William Ballad. - xv, 308 pages : illustrations ; 24 cm.

Includes bibliographical references (pages 285-288) and index.

Part I: Web Development Is a Blood Sport--Don't Wander onto the Field without a Helmet Chapter 1: Security Is a Server Issue and Other Myths Part II: Is That Hole Really Big Enough to Drive a Truck Through? Chapter 2: Error HandlingChapter 3: System Calls Part III: What's in a Name? More than You Expect Chapter 4: Buffer Overflows and Variable Sanitation Chapter 5: Input Validation Chapter 6: Filesystem Access: Accessing the Filesystem for Fun and Profit Part IV: "Aw, Come On, Man, You Can Trust Me" Chapter 7: Authentication Chapter 8: Encryption Chapter 9: Session Security Chapter 10: Cross-Site Scripting Part V: Locking Up for the Night Chapter 11: Securing Apache and MySQL Chapter 12: Securing IIS and SQL Server Chapter 13: Securing PHP on the Server Chapter 14: Introduction to Automated Testing Chapter 15: Introduction to Exploit Testing Part VI: "Don't Get Hacked" Is Not a Viable Security Policy Chapter 16: Plan A: Designing a Secure Application from the Beginning Chapter 17: Plan B: Plugging the Holes in Your Existing Application Epilogue Appendix A Glossary Index.

"Hackers specifically target PHP Web applications. Why? Because they know many of these apps are written by programmers with little or no experience or training in software security. Don't be victimized. Securing PHP Web Applications will help you master the specific techniques, skills, and best practices you need to write rock-solid PHP code and harden the PHP software you're already using." "Drawing on more than fifteen years of experience in Web development, security, and training, Tricia and William Ballad show how security flaws can find their way into PHP code, and they identify the most common security mistakes made by PHP developers. The authors present practical, specific solutions-techniques that are surprisingly easy to understand and use, no matter what level of PHP programming expertise you have." "Securing PHP Web Applications covers the most important aspects of PHP code security, from error handling and buffer overflows to input validation and filesystem access. The authors explode the myths that discourage PHP programmers from attempting to secure their code and teach you how to instinctively write more secure code without compromising your software's performance or your own productivity."--Jacket.

9780321534347 0321534344



014777094 Uk

PHP (Computer program language).
Web services--Security measures.
Internet--Computer programs--Security measures.
Application software--Development.

QA76.73.P224 / B35 2009

005.8 BA.S 2009 G.C