This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Difference between revisions of "Category:OWASP PHP Project"

Jump to: navigation, search
m (moved to category:php)
(15 intermediate revisions by the same user not shown)
Line 1: Line 1:
#REDIRECT [[:Category:PHP]]
! width="700" align="center" | <br>
! width="500" align="center" | <br>
| align="right" | [[Image:OWASP Inactive Banner.jpg|800px| link=]]
| align="right" |
The OWASP PHP Project's goal (''[[OWASP PHP Project Roadmap]]'') is to enable developers, systems administrators and application architects to build and deploy secure applications built using the PHP programming language.
==Joining the Project==
[mailto:[email protected] Serg Belokamen] is currently steering the project. 
Please submit your ideas for individual articles to the [[OWASP PHP Project Proposals]].
If you would like to contribute to the OWASP PHP Project please:
# Visit the [[Tutorial]];
# Join the [ mailing list];
# Read the [[OWASP PHP Project Roadmap]]; and
# Pick a topic from the [[OWASP PHP Project Proposals]], [[OWASP PHP Project Roadmap]] or suggest a new topic.
Remember to add the tag: <nowiki>[[Category:OWASP PHP Project]]</nowiki> to the end of new articles so that they're properly categorised.
==PHP Security Overview==
It is not easy to produce a PHP application without security vulnerabilities. Most application security [[:Category:Vulnerability|vulnerabilities]] apply to PHP applications just like other environments.
The goals of this project are to provide information about building, configuring, deploying, operating, and maintaining secure PHP applications. We cover the following topics or pick a topic from the [[OWASP PHP Table of Contents]]
; [[PHP Security for Architects]]
: Provides information about the design and architectural considerations for a PHP web application.  Common architectures such as MVC, Ajax, Web Services and PEAR / Zend Frameworks are discussed.
; [[PHP Security for Developers]]
: This section covers dangerous calls and common vulnerabilities associated with them, such as system() exec(), eval() and so on. This section will also cover standard security mechanisms available in the standard language, such as cryptography, logging, encryption, and error handling. Securing elements of an application, such as controllers, business logic, and persistence layers will be covered. We'll discuss handling request parameters, encoding, injection, and more.
; [[PHP Security for Deployers]]
: These articles cover topics specifically related to the PHP hosting environment. We discuss minimizing the attack surface, configuring error handlers, and performing hardening of PHP.
==PHP Articles==
* [[PHP Top 5]] - OWASP PHP Top 5
[[Category:OWASP PHP Project]]
[[Category:OWASP Project|PHP Project]]

Latest revision as of 11:01, 21 January 2016

Redirect to:

This category currently contains no pages or media.