- Paperback: 336 pages
- Publisher: Addison-Wesley Professional; 1 edition (December 26, 2008)
- Language: English
- ISBN-10: 0321534344
- ISBN-13: 978-0321534347
- Product Dimensions: 7 x 0.7 x 9.2 inches
- Shipping Weight: 1.1 pounds (View shipping rates and policies)
- Average Customer Review: 5 customer reviews
- Amazon Best Sellers Rank: #2,491,057 in Books (See Top 100 in Books)
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
Securing PHP Web Applications 1st Edition
Use the Amazon App to scan ISBNs and compare prices.
Frequently bought together
Customers who bought this item also bought
From the Back Cover
Easy, Powerful Code Security Techniques for Every PHP Developer Hackers specifically target PHP Web applications. Why? Because they know many of these apps are written by programmers with little or no experience or training in software security." Don't be victimized. Securing PHP Web Applications" will help you master the specific techniques, skills, and best practices you need to write rock-solid PHP code and harden the PHP software you're already using. Drawing on more than fifteen years of experience in Web development, security, and training, Tricia and William Ballad show how security flaws can find their way into PHP code, and they identify the most common security mistakes made by PHP developers. The authors present practical, specific solutions-techniques that are surprisingly easy to understand and use, no matter what level of PHP programming expertise you have. "Securing PHP Web Applications" covers the most important aspects of PHP code security, from error handling and buffer overflows to input validation and filesystem access. The authors explode the myths that discourage PHP programmers from attempting to secure their code and teach you how to instinctively write more secure code without compromising your software's performance or your own productivity. Coverage includes
- Designing secure applications from the very beginning-and plugging holes in applications you can't rewrite from scratch
- Defending against session hijacking, fixation, and poisoning attacks that PHP can't resist on its own
- Securing the servers your PHP code runs on, including specific guidance for Apache, MySQL, IIS/SQL Server, and more
- Enforcing strict authentication and making the most of encryption
- Preventing dangerous cross-site scripting (XSS) attacks
- Systematically testing yourapplications for security, including detailed discussions of exploit testing and PHP test automation
- Addressing known vulnerabilities in the third-party applications you're already running
About the Author
Tricia Ballad spent several years as a Web applications developer on the LAMP (Linux, Apache, MySQL, PHP/Perl) platform before becoming a full-time writer and technical editor. She currently writes online courseware on various technology topics.
William Ballad has worked in every aspect and at all levels of information technology, from hardware maintenance at a small mom-and-pop ISP to architect of Windows-based and heterogeneous networks at some of the world’s largest corporations. An active member of the IT security community for many years, he recently led an effort to counter an international hacker group exploiting OptionCart, a widely used e-commerce system.
The Ballads have collaborated on several Web development books, including PHP & MySQL Web Development All-in-One Desk Reference for Dummies (Wiley Publishing, 2008).