WebApp Sec mailing list archives
RE: Anyone have some basic security tips for PHP-programmers?
From: "Herbold, John W." <JWHERBOLD () arkbluecross com>
Date: Thu, 20 Nov 2003 13:08:49 -0600
A simple one, but watch for overflow. If you allow a user to input, use edits. Do not rely on HTML or Java edits, as they can bypass those by typing in the URL. It has also been recommended that all code gets compiled, so the code can not be compromised. I have also heard of placing the website code on a server with a lot of memory, and placing the entire website on a CD-ROM, so it can not be defaced. Thanks, John W. Herbold Jr. Security Specialist 501-399-3939 -----Original Message----- From: Matthews, Chris [mailto:CMatthews () MAIL co washoe nv us] Sent: Friday, November 14, 2003 10:33 AM To: webappsec () securityfocus com Subject: Anyone have some basic security tips for PHP-programmers? Good Morning (at least here in Nevada) I am a graphics guy by trade, who happens to have some proficiency with code. Since my PHP knowledge is pretty much self-taught, however, I am certain that I'm probably doing some hack-prone stuff. Anyone have any hints for good PHP practices (Looking for kind of a "This is one of the most common PHP security flaws" kind of thing)? Chris Matthews E-Government Information Officer Community Relations, Washoe County http://www.co.washoe.nv.us 775.328.3719
Current thread:
- RE: Anyone have some basic security tips for PHP-programmers?, (continued)
- Re: Anyone have some basic security tips for PHP-programmers? James Mitchell (Nov 20)
- RE: Anyone have some basic security tips for PHP-programmers? arek (Nov 20)
- Re: Anyone have some basic security tips for PHP-programmers? James Mitchell (Nov 22)
- Re: Anyone have some basic security tips for PHP-programmers? DownBload (Nov 18)
- RE: Anyone have some basic security tips for PHP-programmers? Keifer, Trey (Nov 18)
- Re: Anyone have some basic security tips for PHP-programmers? tim (Nov 22)
- Re: Anyone have some basic security tips for PHP-programmers? Härnhammar , Ulf (Nov 22)
- Re: Anyone have some basic security tips for PHP-programmers? Tommy Gildseth (Nov 23)
- Re: Anyone have some basic security tips for PHP-programmers? Härnhammar , Ulf (Nov 23)
- Re: Anyone have some basic security tips for PHP-programmers? Härnhammar , Ulf (Nov 22)
- RE: Anyone have some basic security tips for PHP-programmers? Härnhammar , Ulf (Nov 24)
- Re: Anyone have some basic security tips for PHP-programmers? Andreas (Nov 25)
- Re: Anyone have some basic security tips for PHP-programmers? Härnhammar , Ulf (Nov 25)
- Re: Anyone have some basic security tips for PHP-programmers? Sverre H. Huseby (Nov 25)