Tuesday, 15 January 2013

How to start writing secure PHP code



// Some basics of writing #secure   #code  from Nathan Good at IBM

1) Validate input
2) Guard your file system
3) Guard your database
4) Guard your session data
5) Guard against Cross-Site Scripting (XSS) vulnerabilities
6) Verify form posts
7) Protect against Cross-Site Request Forgeries (CSRF)

Kind of seem obvious, but they are not to a lot of people. The full read, "Seven habits for writing secure PHP applications", here: http://ibm.co/X0jCyP

2 comments:

  1. any chance of sharing the non shorten link I never follow them as I have no idea where they lead.

    ReplyDelete
  2. As you can see from the domain (ibm.co) it's a page on the IBM site. Here is the full url http://www.ibm.com/developerworks/opensource/library/os-php-secure-apps/index.html

    ReplyDelete