PHP Security

67. PHP security exploit with GIF images

Posted on: 2007-06-20

This post talks about a PHP security exploit that can be performed using specially crafted GIF images that embed malicious PHP code. Advice is given on what to do and to not do to avoid the problem.

 More ...    Post a comment    See comments (26)   Trackbacks (13)

65. 8 defensive programming best practices to prevent breaking your sites

Posted on: 2007-04-25

This article describes software development practices that have been used to prevent problems that can break Web sites.

This message also explains recent changes that were made to the site newsletter user options to reduce the site bandwidth usage to keep the hosting costs on budget.

 More ...    Post a comment    See comments (11)   Trackbacks (15)

55. Improved browsing and cross site scripting prevention

Posted on: 2006-06-28

This post announces several improvements on the way of viewing the files of the packages available on the site.

An extensive explanation is provided about the security concerns of presenting content from untrusted sources, specifically those that may lead to security abuses known as cross-site scripting.

Several solutions to prevent cross-site script exploits are presented. A solution named "safe domain" used by the site, that is not very well known, is presented in detail.

 More ...    Post a comment    See comments (7)   Trackbacks (1)

26. Security vulnerabilities, site tips and PHP-Con US conference

Posted on: 2003-07-24

Security issues have always been a major concern for those that are responsible for Web sites. Every day, security experts discover new vulnerabilities in computer programs that many of us use in our Web sites.

That would not be a problem if such experts would not use the knowledge about those vulnerabilities to compromise our systems and cause any harm.

 More ...    Post a comment    See comments (0)   Trackbacks (0)