This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Category:PHP"
From OWASP
Danehrlich1 (talk | contribs) m (change) |
Danehrlich1 (talk | contribs) (change) |
||
| Line 66: | Line 66: | ||
It is not easy to produce a PHP application without security vulnerabilities. Most application security [[:Category:Vulnerability|vulnerabilities]] apply to PHP applications just like other environments. | It is not easy to produce a PHP application without security vulnerabilities. Most application security [[:Category:Vulnerability|vulnerabilities]] apply to PHP applications just like other environments. | ||
| − | The goals of this project are to provide information about building, configuring, deploying, operating, and maintaining secure PHP applications | + | The goals of this project are to provide information about building, configuring, deploying, operating, and maintaining secure PHP applications |
| − | ; [[PHP Security for | + | ; [[PHP Security for Developers]] |
| + | : * This section covers dangerous calls and common vulnerabilities associated with them, such as system() exec(), eval() and so on. This section will also cover standard security mechanisms available in the standard language, such as cryptography, logging, encryption, and error handling. Securing elements of an application, such as controllers, business logic, and persistence layers will be covered. We'll discuss handling request parameters, encoding, injection, and more. | ||
| + | |||
| + | ; [[PHP Security for DevSecOps]] | ||
: * How to secure a PHP application when running on the major cloud providers. How to secure a PHP application if all you've got is an unmanaged Linux server. Harden web server, harden database, and various network defenses such as WAFs, GeoIP, and DNSBL. | : * How to secure a PHP application when running on the major cloud providers. How to secure a PHP application if all you've got is an unmanaged Linux server. Harden web server, harden database, and various network defenses such as WAFs, GeoIP, and DNSBL. | ||
: * How to secure the development environment. Do you have control over the Source code repository? Are commits signed? How do you know which Docker Images to trust? Do you scan containers for vulnerabilities? | : * How to secure the development environment. Do you have control over the Source code repository? Are commits signed? How do you know which Docker Images to trust? Do you scan containers for vulnerabilities? | ||
| − | ; [[PHP Security for | + | ; [[PHP Security for Software Architects]] |
| − | |||
| − | |||
| − | |||
: * Provides information about the design and architectural considerations for a PHP web application. Which frameworks to use, which frameworks are dead, and using the various FIGs. | : * Provides information about the design and architectural considerations for a PHP web application. Which frameworks to use, which frameworks are dead, and using the various FIGs. | ||
Revision as of 04:48, 2 January 2019
Pages in category "PHP"
The following 10 pages are in this category, out of 10 total.
