PHP

Snyk

5 ways to prevent PHP code injection

Following on from my previous post on testing for PHP Composer security vulnerabilities, I thought this post might be useful in helping create more secure applications that prevent PHP code injection. As developers, we build apps to help make end users’ lives easier. Be it entertainment, workplace or social network application, the end goal is to protect the users we build for by ensuring we build security into the code.

Snyk

Testing for PHP Composer security vulnerabilities with Snyk

PHP is used extensively to power websites. From blogging to ecommerce, it’s embedded in our everyday lives and powers much of the internet we use today. According to a Wappalyzer report on top programming languages of 2020, PHP has a 79% market share of backend languages used on the internet today. One of the biggest challenges with PHP libraries over the years has been package management. There have been a few ways to easily install and maintain libraries including PECL, CPAN.

sqreen

Preventing SQL injections in PHP (and other vulnerabilities)

If you’ve been around web development for a while, you’ve almost certainly heard the term “SQL injection” and some terrifying stories about it. PHP, like many other languages, is not immune to this type of threat, which can be very dangerous indeed. But, luckily, protecting your websites from SQL injection and other similar threats is something you can take tangible steps towards.

veracode

Is Your Language of Choice a Major Flaw Offender?

In volume 11 of our annual State of Software Security (SOSS) report, we uncovered some valuable nuggets of information about how you, the innovative developers of our world, can craft more secure code. For example, did you know that scanning via API improves the time to remediate 50 percent of security flaws by about 17 days, or that C++ and PHP languages have an alarmingly high number of severe security flaws and need greater attention?

ioncube24

What is the best way to protect my PHP code?

The simple answer is to use a compiled code tool and implement as many security features as possible, but sometimes time can be a factor and other matters take precedence so less time goes into security. If your code is valuable then you really should spend time adding more layers of code protection (obfuscation, script licensing, encryption) and there is one feature in particular which sets ionCube apart from other tools, offers advanced protection for your PHP code and is fairly quick to setup.

sqreen

Learnings from Sqreen's State of App Sec report: PHP apps are 3x more likely to be exploited

With each passing year, we move more and more aspects of our lives online. The line between the online and the offline is becoming thinner and thinner as time goes by. In this scenario, saying that digital security matters is as true as it is obvious. Getting application security wrong can have dramatic consequences for organizations and individuals. That’s the dilemma of security: it’s both incredibly important to get right and amazingly easy to get wrong. And people do get it wrong.

sqreen

Top 10 security best practices for PHP

While developing a PHP web application, a web developer should also be concerned with security best practices. An insecure web application gives hackers the chance to steal valuable information, such as user data or credit card information. In addition, a data breach may have a drastic impact on the credibility and future operations of your organization. To strengthen your defense mechanisms, this article lists 10 important security best practices for PHP applications. Let’s get started!