Login   Register  
PHP Classes
elePHPant
Icontem

PHP Security

Recommend this page to a friend!
Stumble It! Stumble It! Bookmark in del.icio.us Bookmark in del.icio.us

Detection and prevention of security attacks

  All package blogs All package blogs   Blog PHP Classes blog   Blog PHP Security   Post article Post article  
  18 - 9   8 - 1  

239. To TDD or Not TDD? - Lately in PHP podcast episode 48

Posted on: 2014-06-27

Lately the debate about whether you should use TDD or not in all software projects all the time has been very intense. That was one of the main topics discussed by Manuel Lemos and Arturs Sosins in the episode 48 of the Lately in PHP podcast.

They also talked about the upcoming end of life release of PHP 5.3, getting information of parameter type hinting with reflection, using object methods on native data types, security problems of OAuth implementations, and the built-in support of Composer to access password protected repositories.

Listen to the podcast now, or watch the hangout video, or read the transcript text to know more about these interesting PHP discussions.


Blog More ...   Post a comment Post a comment   See comments See comments (2)   Trackbacks (0)

232. Is the Hack Language Going to Replace PHP? - Lately in PHP podcast episode 46

Posted on: 2014-04-21

The release of the Facebook Hack language has shaken the PHP community since it implements several frequently requested features that were never implemented, many users are considering to drop PHP in favor of Hack.

This was one of the main topics discussed by Manuel Lemos and Arturs Sosins on the episode 46 of the Lately in PHP podcast.

They also talked about the OpenSSL Heartbleed security bug may affect PHP sites or not, ideas for the PHP 6 engine, the need for an official PHP specification, and an advanced email validation that can provide suggestions for address typos like Google did you mean feature.

Now listed to the podcast, or watch the hangout video or read the transcript to learn more about these interesting PHP topics.


Blog More ...   Post a comment Post a comment   See comments See comments (8)   Trackbacks (0)

231. OpenSSL Serious Security Bug: Does it Affect Your PHP sites?

Posted on: 2014-04-10

Just a few days ago it was publicly announced a serious security bug called Heartbleed that affects secure sites based on the OpenSSL library.

Read this article to learn more about this security problem, how to test if your Web server or SSH server is vulnerable, how it may affect your PHP sites, what you should do to fix the problem.


Blog More ...   Post a comment Post a comment   See comments See comments (0)   Trackbacks (0)

229. The Security of Future PHP Versions - Lately in PHP podcast episode 45

Posted on: 2014-03-12

As the plans for the upcoming PHP 5.6 and PHP 6 versions are being finalized, some of the proposals are about improving the security of these future PHP versions.

That has been one of the main topics discussed by Manuel Lemos and CÚsar Rodas on the episode 45 of the Lately in PHP podcast.

They also have talked about several other types of proposals and ideas for PHP 6, as well a tutorial on How to Use a Webcam to take Pictures in PHP Application.

Now listen to the podcast, or watch the hangout video or read the transcript text to learn more about these interesting PHP topics that were discussed.


Blog More ...   Post a comment Post a comment   See comments See comments (0)   Trackbacks (0)

220. What Happened in the Security Attack to PHP.net? - Lately in PHP podcast episode 41

Posted on: 2013-11-18

As you may be aware, the PHP.net site was the target of security attack that made it spread malware for a while. The circumstances of this attack were the main topic of discussion between Manuel Lemos, Jim Malico of OWASP and Chris Cornutt of PHPDeveloper.org.

They also commented on the latest efforts to make PHP more secure, as well what PHP developers can do to develop more secure Web sites and applications, and minimizing the damages of eventual security attacks.

This podcast is totally dedicated to PHP security matters and is strongly recommended in particular for security conscientious PHP developers.

Listen to the podcast, or watch the hangout video or read the transcript to learn more about the details of the security discussions they had.


Blog More ...   Post a comment Post a comment   See comments See comments (3)   Trackbacks (0)

218. More New Features for PHP 5.6 - Lately in PHP podcast episode 40

Posted on: 2013-10-15

The proposals of new features for PHP 5.6 continue to come. Several new interesting features are being discussed like named parameters, anonymous classes, nested classes, among other proposals.

This was the main topic discussed by Manuel Lemos and Ernani Joppert in episode 40 of the Lately in PHP podcast.

Now listen to the podcast, or watch the hangout video, or read the transcript to learn what are all the new proposed features and what they think about them.


Blog More ...   Post a comment Post a comment   See comments See comments (0)   Trackbacks (0)

206. Using Grep to Find Security Vulnerabilities in PHP code

Posted on: 2013-05-07

Finding all security vulnerabilities in a piece of code may be hard as it requires in depth analysis of what the code does. However, simple security vulnerabilities follow certain code style patterns that are easier to find with simple search tools.

Read this article to learn how you can find certain types of security vulnerabilities very quickly using the grep program.


Blog More ...   Post a comment Post a comment   See comments See comments (6)   Trackbacks (0)

182. Making the Web Faster with HTTP 2 Protocol

Posted on: 2012-05-03

The HTTP protocol version 2.0 is in the process of being defined. There was a call for proposals and several researchers submitted specifications and ideas that can make the Web faster and better in several other aspects.

Read this article to learn about the details of these proposals and what Web developers can expect to prepare to take advantage of the planned improvements of the HTTP 2.0 protocol.


Blog More ...   Post a comment Post a comment   See comments See comments (10)   Trackbacks (0)

177. Is PHP Source Quality really Good or is it still Insecure? - Lately in PHP podcast episode 21

Posted on: 2012-03-01

A study from Coverity claims that the source code of Open Source projects such as PHP has a low defect rate.

Meanwhile, a few weeks ago, the security expert Stefan Esser claims that PHP source security bug prevention has a lot to be desired because PHP core developers do not have the habit of using source code auditing tools to prevent security bugs.

The matter of the PHP source code quality and security bug prevention was one of the main topics discussed by Manuel Lemos and Ernani Joppert in episode 21 of the Lately in PHP podcast.

Among other interesting topics, they also discuss the new features of Apache 2.4 and whether it is already possible for PHP sites to take advantage of this new Apache release.

Listen to the podcast now or read the transcript to learn about these and other interesting PHP related topics.


Blog More ...   Post a comment Post a comment   See comments See comments (0)   Trackbacks (1)

175. Another Serious Security Bug on PHP 5.3.9

Posted on: 2012-02-03

PHP 5.3.9 release was mostly meant to fix a security bug, but it introduced a new more serious bug. PHP 5.3.10 was just released to fix this issue.

Meanwhile Debian Linux maintainers decided to stop enabling the Suhosin extension by default. This extension is used by several Linux distributions to provide protection against present and future security bugs of PHP.

Read this article to learn more about the just fixed bug what you should do to avoid these security issues. You can also learn more what is the current PHP security status and the importance of the Suhosin extension to prevent PHP security problems.


Blog More ...   Post a comment Post a comment   See comments See comments (23)   Trackbacks (0)

  18 - 9   8 - 1  
  All package blogs All package blogs   Blog PHP Classes blog   Blog PHP Security   Post article Post article