PhpRiot
News Archive
PhpRiot Newsletter
Your Email Address:

More information

DeveloperDrive.com: 5 PHP Security Measures

Note: This article was originally published at PHPDeveloper on 21 April 7773.
PHPDeveloper

On the DeveloperDrive.com site today there's a new post with five easy steps you can take to help increase the security of your PHP-based applications.

For many years, PHP has been a stable, inexpensive platform on which to operate web-based applications. Like most web-based platforms, PHP is vulnerable to external attacks. Developers, database architects and system administrators should take precautions before deploying PHP applications to a live server. Most of these techniques can be accomplished with a few lines of code or a slight adjustment to the application settings.

The five tips they list range from general "best practice" kinds of things to a bit more specific:

  • Manage Setup Scripts
  • Include Files (using ".php" not ".inc")
  • MD5 vs. SHA
  • Automatic Global Variables (no longer an issue in recent releases, 5.4.x)
  • Initialize Variables and Values