Web Security 2016 From php[architect] Magazine
Year of publication: 2016
Author: Oscar Merida
Publisher: [php]architect
ISBN:
print: 978-1-940111-41-4
PDF: 978-1-940111-42-1
epub: 978-1-940111-43-8
mobi: 978-1-940111-44-5
Language: English
Format: PDF, EPUB, MOBI
Quality: Publisher's layout or text (eBook)
Interactive table of contents: Yes
Description: Are you keeping up with modern security practices? This anthology collects articles first published in php[architect] magazine. Each one touches on a security topic to help you harden and secure your PHP and web applications. Your users’ information is important; make sure you’re treating it with care. This anthology includes:
An overview of the attacks you should be familiar with and how to protect against exploits.
Using a PHP-based Intrusion Detection System to monitor and reject requests that attempt to breach your site.
How to protect against SQL Injection from user-supplied data by using prepared statements.
A case study in how the Drupal security team keeps core and contributed modules safe.
How to securely store passwords and understanding the techniques used to crack credentials.
Using OAuth 2.0 to connect to web services and fetch information for your users without asking for a password.
How web service security differs from traditional web application security and advice for effectively protecting one from malicious users.
Identifying the right kind of cryptography to implement in your application and doing it correctly.
Table of Contents
Chapter 1. Is Your Website Secure from Hackers?
Authentication and Authorization
Database Interaction
Files and Resources
CMS, Framework, and Other Components
Final Note
Additional resources
Chapter 2. Basic Intrusion Detection with Expose
What Is an IDS and Why You Should Use One
Advantages, Limitations, and Disadvantages of Expose
Expose Installation Run Through
Logging, Alerting, and Thresholds
Next Steps
Conclusion
Chapter 3. DeLoreans, Data, and Hacking Sites
Introduction
What Is SQLi?
Identifying Potential SQL Injection
“Hacking” Your Own Sites
Prepared Statements
Conclusion
Chapter 4. Drupal Security: How Open Source Strengths Manage Software Vulnerabilities
Drupal 8
Keeping a Drupal Site Secure
Drupal Security Team
Software Vulnerabilities
Reporting a Drupal Security Issue
Handling Drupal Security Issues
Security Advisory
The Drupal Security Team Welcomes New Members
Open Source
Chapter 5. Mastering OAuth 2.0
Let’s Jump In
Preparing for OAuth
Integrating with Instagram
A Brief History of Web Authorization
What is OAuth 2.0?
Toward a More Secure Web
Chapter 6. Keep Your Passwords Hashed and Salted
Introduction
Rule One: No Plain Text
What is Hashing?
How to Use Hashes
Techniques Crackers Employ to Break Hashes
Salting Passwords
Use Proper Salt
Hashing Algorithms
Better Algorithms
Hashing in PHP
Password-Related Functions in Modern PHP
Summary
Chapter 7. Learn from the Enemy: Securing Your Web Services, Part One
It Happens
Web Services are Different
Learn from the Master
Looking Forward
Additional Reading
Chapter 8. Security Architecture: Securing your Web Services, Part Two