Essential PHP Security : O'Reilly Ser. - Chris Shiflett

Instant online reading.

Essential PHP Security

By: Chris Shiflett

Write A Review

Paperback | 28 October 2005

At a Glance

Paperback
124 Pages

Dimensions(cm)
12 x 176 x 232

Paperback

RRP $56.99

$30.75

46%OFF

or 4 interest-free payments of $7.69 with

In Stock and Ships in 1-2 business days

Being highly flexible in building dynamic, database-driven web applications makes the PHP programming language one of the most popular web development tools in use today. It also works beautifully with other open source tools, such as the MySQL database and the Apache web server. However, as more web sites are developed in PHP, they become targets for malicious attackers, and developers need to prepare for the attacks. Security is an issue that demands attention, given the growing frequency of attacks on web sites. Essential PHP Security explains the most common types of attacks and how to write code that isn't susceptible to them. By examining specific attacks and the techniques used to protect against them, you will have a deeper understanding and appreciation of the safeguards you are about to learn in this book. In the much-needed (and highly-requested) Essential PHP Security, each chapter covers an aspect of a web application (such as form processing, database programming, session management, and authentication). Chapters describe potential attacks with examples and then explain techniques to help you prevent those attacks. Topics covered include: * Preventing cross-site scripting (XSS) vulnerabilities * Protecting against SQL injection attacks * Complicating session hijacking attempts You are in good hands with author Chris Shiflett, an internationally-recognized expert in the field of PHP security. Shiflett is also the founder and President of Brain Bulb, a PHP consultancy that offers a variety of services to clients around the world.

Industry Reviews

You've heard the nasty stories about PHP sites being wiped off the web by evil hackers? Sadly it's not scare-mongering as it does happen, and as much as we love PHP it needs proper security to keep your site safe from harm. Plenty of PHP books have the odd chapter on security but at last O'Reilly have published a whole volume dedicated to the cause, with all the code you'll need to keep everything in order. Each chapter covers a different aspect of the application, from form processing to database programming and session management. Written in a straight forward style, it's ideal for every PHP user, but at GBP20 you might expect a little more than just 100 pages." .NET, November 2005 "If you write PHP scripts, get a copy" - Alain Williams, news@UK, March 2006

Shipping

	Standard Shipping	Express Shipping
Metro postcodes:	$9.99	$14.95
Regional postcodes:	$9.99	$14.95
Rural postcodes:	$9.99	$14.95

Orders over $79.00 qualify for free shipping.

How to return your order

At Booktopia, we offer hassle-free returns in accordance with our returns policy. If you wish to return an item, please get in touch with Booktopia Customer Care.

Additional postage charges may be applicable.

Defective items

If there is a problem with any of the items received for your order then the Booktopia Customer Care team is ready to assist you.

For more info please visit our Help Centre.

You Can Find This Book In

Non-Fiction Computing & I.T.Computer Programming & Software Development Programming & Scripting Languages Computer Security Data Encryption Digital Lifestyle & Online World: Consumer & User Guides Internet Guides & Online Services Computer Networking & Communications Network Security Computer Science Booktopia Publisher Services

John Wiley & Sons Publishers UK Graphical & Digital Media Applications Web Graphics & Design Bargains Non-Fiction Bargains Autobiography and Biography Bargains

Foreword	p. vii
Preface	p. ix
Introduction	p. 1
PHP Features	p. 2
Principles	p. 4
Practices	p. 7
Forms and URLs	p. 15
Forms and Data	p. 15
Semantic URL Attacks	p. 18
File Upload Attacks	p. 20
Cross-Site Scripting	p. 23
Cross-Site Request Forgeries	p. 24
Spoofed Form Submissions	p. 29
Spoofed HTTP Requests	p. 30
Databases and SQL	p. 33
Exposed Access Credentials	p. 34
SQL Injection	p. 35
Exposed Data	p. 39
Sessions and Cookies	p. 40
Cookie Theft	p. 41
Exposed Session Data	p. 43
Session Fixation	p. 43
Session Hijacking	p. 48
Includes	p. 51
Exposed Source Code	p. 51
Backdoor URLs	p. 52
Filename Manipulation	p. 53
Code Injection	p. 55
Files and Commands	p. 57
Traversing the Filesystem	p. 57
Remote File Risks	p. 60
Command Injection	p. 61
Authentication and Authorization	p. 63
Brute Force Attacks	p. 64
Password Sniffing	p. 67
Replay Attacks	p. 68
Persistent Logins	p. 69
Shared Hosting	p. 74
Exposed Source Code	p. 74
Exposed Session Data	p. 77
Session Injection	p. 81
Filesystem Browsing	p. 82
Safe Mode	p. 84
Configuration Directives	p. 87
Functions	p. 92
Cryptography	p. 97
Index	p. 105
Table of Contents provided by Ingram. All Rights Reserved.

Essential PHP Security

At a Glance

Paperback

Industry Reviews

Shipping

How to return your order

Defective items

You Can Find This Book In

More in Network Security

Grey Area

Dark Web Data Collection and the Future of OSINT

Dark Wire

The Incredible True Story of the Largest Sting Operation Ever

It's Not in the Manual

Real-World Leadership for Security and Risk Professionals

Hacking For Dummies

For Dummies (Computer/Tech)

Dark Wire

The Incredible True Story of the Largest Sting Operation Ever

Cybersecurity All-in-One For Dummies

For Dummies

Tech-Smart Parenting

How to keep your kids happy and safe online

The New Age of Sexism

How the AI Revolution is Reinventing Misogyny

Password Logbook (Hip Floral)

Keep Track of Usernames, Passwords, Web Addresses in One Easy and Organized Location

Keanu Reeves Is Not In Love With You

The Murky World of Online Romance Fraud

Crafting an Information Security Playbook

Network Security Essentials 6ed

Applications and Standards, Global Edition

ISC2 CISSP Certified Information Systems Security Professional Official Study Guide & Practice Tests Bundle

Sybex Study Guide

Cryptography and Network Security

8th Edition - Principles and Practice, Global Edition

The Web Application Hacker's Handbook

Finding and Exploiting Security Flaws 2E

Linux Basics for Hackers, 2nd Edition

Getting Started with Networking, Scripting, and Security in Kali

Threat Modeling

A Practical Guide for Development Teams

Container Security

Fundamental Technology Concepts That Protect Containerized Applications

Constraints and Advanced Solutions for LTE-Advanced Heterogeneous Networks

Linux Security Cookbook

Cookbooks Ser.

Intelligent and Secure Solutions for Digital Transformation

AI Forensics

Investigation and Analysis of Artificial Intelligence Systems

Forensic Investigation of Smart Digital Devices

A Hands-on Guide

Forensic Investigation of Smart Digital Devices

A Hands-on Guide

This product is categorised by