Top Ten Security Vulnerabilities in PHP Code!

1. Unvalidated Parameters. Most importantly, turn off register_globals. This configuration setting defaults to off in PHP 4.2.0 and later. Access values from URLs, forms, and cookies through the superglobal arrays $_GET, $_POST, and $_COOKIE. Before you use values from...

Six steps to secure sensitive data in MySQL

If you’re using MySQL, there are some easy things you can do to secure your systems and significantly reduce the risk of unauthorised access to your sensitive data. The most valuable asset for technology-based organisations is usually the customer or product...

Security and Hardening Tips for PHP

Disable sensitive functions in PHP. Edit the php.ini file: sudo vi /etc/php5/apache2/php.ini Add or edit the following lines and save: disable_functions = exec,system,shell_exec,passthru,etc ...... register_globals = Off expose_php = Off display_errors = Off...

Security and Hardening Tips for MySQL

Disable or restrict remote access Consider whether MySQL will be accessed from the network or only from its own server. If remote access is used, ensure that only defined hosts can access the server. This is typically done through TCP wrappers, iptables, or any other...

YII Framework

Yii is a high-performance component-based PHP framework for developing large-scale Web applications. It enables maximum reusability in Web programming and can significantly accelerate the development process. The Yii framework is free software. It is released under...