Description
Hackers target PHP web applications more often than other sites because most PHP code is written by developers with little security experience. Protecting web applications from these attacks has become an essential skill for all PHP developers. Creating Secure PHP Websites shows you how to meet the most important security challenges when developing websites with PHP. Instructor Kevin Skoglund covers the techniques and PHP code needed to develop sites that are more secure, and to avoid common mistakes. Learn how to configure PHP properly and filter input and escape output. Then check out step-by-step defenses against the most common forms of attack, and the best practices to use for encryption and user authentication.
Topics include:
Cross-site scripting (XSS)
Cross-site request forgery (CSRF)
SQL injection
Encrypting and signing cookies
Session hijacking and fixation
Securing uploaded files
User authentication
Throttling brute-force attacks
Blacklisting IPs
Implementing password reset tokens