Archive for the ‘Security’ Category

Securing PHP Applications Part III – Securing PHP on the server / Securing MySQL and Apache

Hi there. This is the last part of this tutorial, where I tell you a few things about securing PHP on the server and about securing MySQL and Apache.
Note: If you don’t administer your own server, this information will be useful to you while shopping for a Web host, so you had better continue reading.
Before starting this [...]

Securing PHP Applications Part II – Securing PHP code

5. SQL injections
What is it?
This is one of the most common types of attack. SQL injections occur after two failures on the part of developers: failure to filter data as it enters the application (filter input) and failure to escape data as it is sent to the database (escape output). For example, let’s suppose we [...]

Securing PHP applications Part I – Securing PHP code

There are a lot of books treating this issue. So why another post about this subject? Well, here I try to cover this problem briefly, so that you don’t have to read hundreds of pages or search all over the Internet for this.
That being said, you must know that securing a [...]

Bandwidth limit script

Sometimes you want to limit the bandwidth for certain IPs or sites, in order to keep your traffic within limits, or to keep constant bandwidth for all users, regardless of how much they are downloading.
Here is a solution to do that:

How safe is strip_tags?

Many developers rely on strip_tags to validate user input, and, although the function does a good job of removing all the HTML tags, there are some security issues when you want to leave some of them (like <a> or <img>).
That is because, although you removed all the <script> tags from the input, that doesn’t mean [...]