Site Home Articles Web Forum File Archive Web Store Top Navigation
 
News
Site News
Tech News
Open News
Debate & Rants
Submit News

Archive
Archive
Articles
Games
Reading
Reviews
Videos
Old KBase
Old Archive

Interaction
IRC Chat
Web Forum

Resources
Anonymity
Dist. Computing
DNS Tools
File Sharing
Gatherings
Terminology
Virus Advisory
Zine Listing

Other
Encrypt
Store
Photo Album

Links
Outward Links
Request Swap
Link to Us

Add Content
Submit Article
Submit Book
Submit FAQ
Submit Game
Submit Files
Submit Review
Submit Terminology
Submit Video

Connect
About
Advertising
Contact
Donate
Jobs

View us Online
Twitter
Facebook

Assistance
Official FAQ
Official Rules
 
Quick Links
Get Firefox!
GoNix.org
DollarDNS
 


Pro PHP Security

Author: Michael Southwell
Rating: 4/5

Buy Now: Amazon

Description

Pro PHP Security is one of the first books devoted solely to PHP security. It will serve as your complete guide for taking defensive and proactive security measures within your PHP applications. (And the methods discussed are compatible with PHP versions 3, 4, and 5.)

The knowledge you'll gain from this comprehensive guide will help you prevent attackers from potentially disrupting site operation or destroying data. And you'll learn about various security measures, for example, creating and deploying "captchas", validating e-mail, fending off SQL injection attacks, and preventing cross-site scripting attempts.



Review

This book is great because it's thorough and on each topic it gives lots of links to additional resources. It's easy to read and it's organized well so you can find what you're looking for.

One of the main things you'll appreciate about this book is that it gives just the right amount of information. It focuses on practical usage of security techniques but you'll also like to know the high-level picture of how and why things got to be the way they are. This book tells you exactly what you'll want to know. A good example is the the section on hashing and encryption. It gives some simplified examples of how the algorithms work and talks about where they came from, which ones are better and why, and how to use them. But it doesn't dive too deeply into encryption theory which would only be interesting to someone wanting to code an encryption routine.

Some of the interesting things you'll learned from this book are:
1) You'll learn about the various hashing and encryption algorithms. Which ones are good and just how good are they.

2) You'll learn all about protecting against cross-site scripting and sql injection. It also has links to sites with sample hack attacks you can run against your own website to see if it's vulnerable.

3) You'll learn how to do captcha screening to make sure people registering for my site are real humans and not robots. As usual, the author provides lots of links to other sites for more resources on captcha.



[File Report]
- v5.0