10 Replies - 14098 Views - Last Post: 11 February 2014 - 05:38 AM Rate Topic: -----

#1 JackOfAllTrades  Icon User is offline

  • Saucy!
  • member icon

Reputation: 6107
  • View blog
  • Posts: 23,663
  • Joined: 23-August 08

PHP and Security Links

Posted 01 June 2011 - 02:18 AM

*
POPULAR

Some good links on securing your website:

Open Web Application Security Project (OWASP)
Chris Shiflett's Blog
Google Code University
Writing Secure PHP
OWASP's PHP Security Cheat Sheet

Is This A Good Question/Topic? 13
  • +

Replies To: PHP and Security Links

#2 c1ph3r  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 18
  • Joined: 08-July 11

Re: PHP and Security Links

Posted 11 July 2011 - 01:32 AM

Already know about first three..
4th one is new to me.

Thanks for Share
Was This Post Helpful? 0
  • +
  • -

#3 pandayai  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 1
  • Joined: 03-August 11

Re: PHP and Security Links

Posted 03 August 2011 - 01:27 AM

Thank you,to share file
Was This Post Helpful? 0
  • +
  • -

#4 king1212  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 65
  • Joined: 06-September 11

Re: PHP and Security Links

Posted 09 September 2011 - 08:19 AM

thank you for sharing
Was This Post Helpful? 0
  • +
  • -

#5 JacksonD  Icon User is offline

  • D.I.C Head

Reputation: 9
  • View blog
  • Posts: 215
  • Joined: 18-October 11

Re: PHP and Security Links

Posted 18 October 2011 - 06:08 PM

View Postc1ph3r, on 11 July 2011 - 01:32 AM, said:

Already know about first three..
4th one is new to me.

Thanks for Share

thanks for the links, All are knew to me except the last one. For other people, those links are well worth a ty.
Was This Post Helpful? 0
  • +
  • -

#6 JackOfAllTrades  Icon User is offline

  • Saucy!
  • member icon

Reputation: 6107
  • View blog
  • Posts: 23,663
  • Joined: 23-August 08

Re: PHP and Security Links

Posted 07 April 2012 - 03:24 AM

An excellent blog post on the state of password hashing today. The use of GPUs in cracking passwords has made breaking hashes to get user passwords too easy. Highlights/important take-aways:

Quote

Make sure all your passwords are 12 characters or more, ideally a lot more. I recommend adopting pass phrases, which are not only a lot easier to remember than passwords (if not type) but also ridiculously secure against brute forcing purely due to their length.


Quote

Use bcrypt or PBKDF2 exclusively to hash anything you need to be secure. These new hashes were specifically designed to be difficult to implement on GPUs. Do not use any other form of hash. Almost every other popular hashing scheme is vulnerable to brute forcing by arrays of commodity GPUs, which only get faster and more parallel and easier to program for every year.


PHP developers should look to the phpass library for a bcrypt implementation.
Was This Post Helpful? 2
  • +
  • -

#7 abcdxyz  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 1
  • Joined: 15-May 12

Re: PHP and Security Links

Posted 17 May 2012 - 12:01 AM

hi good sharing dude
Was This Post Helpful? 0
  • +
  • -

#8 CitooZz  Icon User is offline

  • New D.I.C Head

Reputation: -5
  • View blog
  • Posts: 4
  • Joined: 15-June 12

Re: PHP and Security Links

Posted 15 June 2012 - 03:30 AM

thanks dude for sharing :001_icon16:
Was This Post Helpful? 0
  • +
  • -

#9 James_Smith  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 25
  • Joined: 20-July 12

Re: PHP and Security Links

Posted 24 September 2012 - 03:32 AM

Hi JackOfAllTrades,

Great share as today there is a more chances of hacking our website by hackers any time so for preventing to hack our business website - we have to make it secure. And these are the most important resources to learn new things and ideas about how to secure your website?
Was This Post Helpful? 0
  • +
  • -

#10 JackOfAllTrades  Icon User is offline

  • Saucy!
  • member icon

Reputation: 6107
  • View blog
  • Posts: 23,663
  • Joined: 23-August 08

Re: PHP and Security Links

Posted 10 June 2013 - 02:59 AM

Update: Now recommending the use of password_compat for PHP password hashing as it's forward-compatible with the upcoming PHP 5.5 release. Here is a video on password hashing by the author of this library:

Password Hashing in PHP
Was This Post Helpful? 0
  • +
  • -

#11 JackOfAllTrades  Icon User is offline

  • Saucy!
  • member icon

Reputation: 6107
  • View blog
  • Posts: 23,663
  • Joined: 23-August 08

Re: PHP and Security Links

Posted 11 February 2014 - 05:38 AM

More links:

Survive the Deep End: PHP Security
PHP Password Hashing - A Dead Simple Implementation
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1