PHP Security Tips
At the devzone, Cal Evans has written 21 php security tips. I have only read #17 where you can download a 37 page guide (in pdf) that explains the terms and concepts involved in securing your PHP application.
Application security should not be a “when all else fails” situation. It’s not something you can “put in later”. As we’ve mentioned before, there is no single silver bullet to solve your application security issues. Security is something that should be rolling around in the back of your dead in the design phase, the coding phase, the testing phase, even after you’ve rolled your code into production.
2 Comments
primerg on December 13th, 2007
In reality, some organizations just overlook until the time they are attacked! Yay!
ner on October 25th, 2007
True, true, true. Security SHOULD always be the first in the planning stage.