Beyond the Wall of Sleep

Essential PHP Security

February 21, 2006 - Books, Web Development

As posted some days ago, I received a shipment from Amazon, including the book Essential PHP Security. Over the last couple of days I perused it and found it a very interesting and insightful read.
I knew most of the issues Chris Shiflett writes about already, as I’ve been working with PHP for several years now, but I discovered a couple of new tricks and gained some further insight on securing web applications in general. Even though I always tried to write secure applications, the book managed to make me focus on security even more in the future.

To quote Andi Gutmans, PHP developer and co-founder of Zend Technologies, from the foreword of the book: “The majority of them [security vulnerabilities] are not a result of flaws in PHP itself, but are due to improper and insecure uses of PHP by application developers.”
What he wants to say is pretty obvious. It’s up to us, the application developers, to use the tools and possibilities PHP - or any other programming language for that matter - provides to write secure source code.

The bottom line is that this book gives a very good overview on how to make your PHP applications more secure and provides some interesting examples of different types of potential attacks against your web application. It doesn’t cover all aspects you might think of in its 103 pages of text, but as I already stated, it does make you think about the topic and makes you focus more on it.

Nothing left to say except that I added the RSS feed of Chris Shiflett’s blog to my newsreader and am going to visit his site regularly from now on.
