PHPCamp : Showing Security tag

Attack on WordPress Blogs on RackSpace

submitted by iCan

This year we regularly see how hackers exploit security holes in infrastructure of large shared hosting providers to compromise thousands legitimate websites of their clients.… read more

0 Comments Tags: Security, Applications

Views: 181 Clicks: 15 Published: June 15, 2010

1 0

Security Talk: Fortifying Your Joomla! Website

submitted by iCan

Even if Joomla! is one of the safest Content Management Systems available, Joomla! Websites get hacked every day.
Just because you are using Joomla!,… read more

0 Comments Tags: Security, Applications

Views: 147 Clicks: 6 Published: May 26, 2010

1 0

Prevent your CSS and Javascript files from being cached

submitted by nisha_singh

Sometimes you just don’t want your CSS or Javascript files to be cached. For instance, I don’t feeling like having to explain to a customer… read more

0 Comments Tags: Security, Javascript, HTML & CSS

Views: 151 Clicks: 14 Published: August 8, 2010

4 0

20 Steps to a Flexible and Secure WordPress Installation

submitted by nisha_singh

A comprehensive WordPress installation, albeit simple to produce, often requires multiple steps — many of which can easily be omitted accidentally. How many times have… read more

0 Comments Tags: Security, Applications

Views: 87 Clicks: 12 Published: July 27, 2010

3 0

Fixing Codeigniters Database session

submitted by FatalError

The closest thing to a fix for Codeigniter's session bugs destroying sessions prematurely. read more

0 Comments Tags: Frameworks, Security

Views: 170 Clicks: 24 Published: August 23, 2010

1 0

Securing Your PHP Website

submitted by nisha_singh

You can also hide, or at least obscure, the fact that you’re using PHP to drive your site. Use the expose_php directive to prevent PHP… read more

0 Comments Tags: Security, Applications

Views: 185 Clicks: 50 Published: August 20, 2010

1 0

Salting Passwords in DB or Across the Wire?

submitted by iCan

One of the sessions at SxSW talked about the importance of salting passwords in the database in case an attacker gains database access. The assertion… read more

0 Comments Tags: Security, Architecture

Views: 182 Clicks: 16 Published: March 19, 2010

1 0

IE Blocking iFrame Cookies

submitted by iCan

I got a call today about one of my applications not running correctly from inside an iFrame. I tried it out and it looked like… read more

0 Comments Tags: Tutorials, Security, Tools

Views: 173 Clicks: 9 Published: August 16, 2010

1 0

Prevent Your Website From Hacking

submitted by nisha_singh

Regarding the use of Internet, particularly the World Wide Web (WWW) service, the world is going through an evolution phase. Today every big company or… read more

0 Comments Tags: Security, Javascript, Database

Views: 122 Clicks: 23 Published: August 13, 2010

1 0

web2project Security Vulnerability

submitted by iCan

It turns out that web2project was vulnerable to a handful of select Cross Site Scripting (XSS: definition) vulnerabilities. While the attack vector was pretty specific… read more

0 Comments Tags: Security

Views: 202 Clicks: 8 Published: January 30, 2010

1 0

Mitigate the Security Risks of PHP System Command Execution

submitted by iCan

As the Web continues its march towards becoming the de facto interface for the world's software applications, developers must find effective ways to not only… read more

0 Comments Tags: Security

Views: 178 Clicks: 7 Published: January 30, 2010

3 0

Single Sign-On authentication using OpenID and other security measures

submitted by iCan

The authentication of the PHPClasses site users will be changed to work in a separate site. It will use the OpenID protocol, so you do… read more

0 Comments Tags: Tutorials, Security, Web Services

Views: 227 Clicks: 13 Published: August 13, 2010

1 0

Auth/ACL implementation strategies

submitted by iCan

I'm going to talk more about ACLs than Auth. Auth is simple, it's the ACL that will trip you up. Since both concepts are coupled… read more

0 Comments Tags: Tutorials, Security, Architecture

Views: 108 Clicks: 16 Published: August 10, 2010

2 0

HTML Sanitisation: The Devil's In The Details (And The Vulnerabilities)

submitted by iCan

In this article, I take a look at some of the solutions PHP developers rely upon to perform HTML Sanitisation. Mostly because few others have… read more

0 Comments Tags: Tutorials, Security, Architecture

Views: 151 Clicks: 16 Published: August 10, 2010

1 0

Update your WordPress

submitted by iCan

This week at Black Hat conference in Las Vegas, security company Qualys presented and released BlindElephant, a utility that scans web sites for insecure web… read more

0 Comments Tags: Tutorials, Security, Applications

Views: 128 Clicks: 5 Published: August 7, 2010

2 0

Securing MySQL in 10 minutes

submitted by nisha_singh

Much like my last entry on memcache, I'm not trying to write the ultimate security guide for securing a mysql server... I'm just outlining the… read more

0 Comments Tags: Security, Database

Views: 237 Clicks: 61 Published: August 9, 2010

1 0

Genius Open Source Libraries

submitted by iCan

When the right tool for the job doesn’t exist, you build it. We came up with a set of functions to sanitize tainted data in… read more

0 Comments Tags: Security, Architecture

Views: 143 Clicks: 22 Published: August 3, 2010

1 0

Possible vulnerabilities found in PHP session IDs

submitted by nisha_singh

Seclists.org has posted an advisory titled “Weak RNG in PHP session ID generation leads to session hijacking.” RNG stands for Random Number Generation, and the advisory… read more

0 Comments Tags: Tutorials, Security

Views: 165 Clicks: 16 Published: April 9, 2010

1 0

The prefix has nothing to do with telephony

submitted by iCan

When dealing with website security, most web masters think only about fending off potential attacks. However, we are all human. No matter how hard we… read more

0 Comments Tags: Security, Applications

Views: 130 Clicks: 9 Published: August 2, 2010

1 0

MOPS-2010-022: PHP Stream Context Use After Free on Request Shutdown Vulnerability

submitted by iCan

PHP uses the stream context during stream destruction, although it was already freed in the request shutdown before. read more

0 Comments Tags: Security

Views: 144 Clicks: 2 Published: May 15, 2010

Join Camp Login Home Tools \| About us \| Blog \| Contact Us \| Advertising
Advertise with us Tags Frameworks Tutorials PHP Applications Methodologies Architecture Testing Tools Usablitiy Web Services SEO AJAX Javascript HTML & CSS XML Database Webservers Scaling Security Announcements Others Top Campers nisha_singh iCan savitas realin solidstone how it works?More...	PHPCamp is place to share news, views and articles that are useful to PHP community. Showing for tag: Security Boiling Getting Hotter Freshly Arrived Companies Jobs Add Your Link Login to share your opinion 1 0 Attack on WordPress Blogs on RackSpace submitted by iCan This year we regularly see how hackers exploit security holes in infrastructure of large shared hosting providers to compromise thousands legitimate websites of their clients.… read more 0 Comments Tags: Security, Applications Views: 181 Clicks: 15 Published: June 15, 2010 1 0 Security Talk: Fortifying Your Joomla! Website submitted by iCan Even if Joomla! is one of the safest Content Management Systems available, Joomla! Websites get hacked every day. Just because you are using Joomla!,… read more 0 Comments Tags: Security, Applications Views: 147 Clicks: 6 Published: May 26, 2010 1 0 Prevent your CSS and Javascript files from being cached submitted by nisha_singh Sometimes you just don’t want your CSS or Javascript files to be cached. For instance, I don’t feeling like having to explain to a customer… read more 0 Comments Tags: Security, Javascript, HTML & CSS Views: 151 Clicks: 14 Published: August 8, 2010 4 0 20 Steps to a Flexible and Secure WordPress Installation submitted by nisha_singh A comprehensive WordPress installation, albeit simple to produce, often requires multiple steps — many of which can easily be omitted accidentally. How many times have… read more 0 Comments Tags: Security, Applications Views: 87 Clicks: 12 Published: July 27, 2010 3 0 Fixing Codeigniters Database session submitted by FatalError The closest thing to a fix for Codeigniter's session bugs destroying sessions prematurely. read more 0 Comments Tags: Frameworks, Security Views: 170 Clicks: 24 Published: August 23, 2010 1 0 Securing Your PHP Website submitted by nisha_singh You can also hide, or at least obscure, the fact that you’re using PHP to drive your site. Use the expose_php directive to prevent PHP… read more 0 Comments Tags: Security, Applications Views: 185 Clicks: 50 Published: August 20, 2010 1 0 Salting Passwords in DB or Across the Wire? submitted by iCan One of the sessions at SxSW talked about the importance of salting passwords in the database in case an attacker gains database access. The assertion… read more 0 Comments Tags: Security, Architecture Views: 182 Clicks: 16 Published: March 19, 2010 1 0 IE Blocking iFrame Cookies submitted by iCan I got a call today about one of my applications not running correctly from inside an iFrame. I tried it out and it looked like… read more 0 Comments Tags: Tutorials, Security, Tools Views: 173 Clicks: 9 Published: August 16, 2010 1 0 Prevent Your Website From Hacking submitted by nisha_singh Regarding the use of Internet, particularly the World Wide Web (WWW) service, the world is going through an evolution phase. Today every big company or… read more 0 Comments Tags: Security, Javascript, Database Views: 122 Clicks: 23 Published: August 13, 2010 1 0 web2project Security Vulnerability submitted by iCan It turns out that web2project was vulnerable to a handful of select Cross Site Scripting (XSS: definition) vulnerabilities. While the attack vector was pretty specific… read more 0 Comments Tags: Security Views: 202 Clicks: 8 Published: January 30, 2010 1 0 Mitigate the Security Risks of PHP System Command Execution submitted by iCan As the Web continues its march towards becoming the de facto interface for the world's software applications, developers must find effective ways to not only… read more 0 Comments Tags: Security Views: 178 Clicks: 7 Published: January 30, 2010 3 0 Single Sign-On authentication using OpenID and other security measures submitted by iCan The authentication of the PHPClasses site users will be changed to work in a separate site. It will use the OpenID protocol, so you do… read more 0 Comments Tags: Tutorials, Security, Web Services Views: 227 Clicks: 13 Published: August 13, 2010 1 0 Auth/ACL implementation strategies submitted by iCan I'm going to talk more about ACLs than Auth. Auth is simple, it's the ACL that will trip you up. Since both concepts are coupled… read more 0 Comments Tags: Tutorials, Security, Architecture Views: 108 Clicks: 16 Published: August 10, 2010 2 0 HTML Sanitisation: The Devil's In The Details (And The Vulnerabilities) submitted by iCan In this article, I take a look at some of the solutions PHP developers rely upon to perform HTML Sanitisation. Mostly because few others have… read more 0 Comments Tags: Tutorials, Security, Architecture Views: 151 Clicks: 16 Published: August 10, 2010 1 0 Update your WordPress submitted by iCan This week at Black Hat conference in Las Vegas, security company Qualys presented and released BlindElephant, a utility that scans web sites for insecure web… read more 0 Comments Tags: Tutorials, Security, Applications Views: 128 Clicks: 5 Published: August 7, 2010 2 0 Securing MySQL in 10 minutes submitted by nisha_singh Much like my last entry on memcache, I'm not trying to write the ultimate security guide for securing a mysql server... I'm just outlining the… read more 0 Comments Tags: Security, Database Views: 237 Clicks: 61 Published: August 9, 2010 1 0 Genius Open Source Libraries submitted by iCan When the right tool for the job doesn’t exist, you build it. We came up with a set of functions to sanitize tainted data in… read more 0 Comments Tags: Security, Architecture Views: 143 Clicks: 22 Published: August 3, 2010 1 0 Possible vulnerabilities found in PHP session IDs submitted by nisha_singh Seclists.org has posted an advisory titled “Weak RNG in PHP session ID generation leads to session hijacking.” RNG stands for Random Number Generation, and the advisory… read more 0 Comments Tags: Tutorials, Security Views: 165 Clicks: 16 Published: April 9, 2010 1 0 The prefix has nothing to do with telephony submitted by iCan When dealing with website security, most web masters think only about fending off potential attacks. However, we are all human. No matter how hard we… read more 0 Comments Tags: Security, Applications Views: 130 Clicks: 9 Published: August 2, 2010 1 0 MOPS-2010-022: PHP Stream Context Use After Free on Request Shutdown Vulnerability submitted by iCan PHP uses the stream context during stream destruction, although it was already freed in the request shutdown before. read more 0 Comments Tags: Security Views: 144 Clicks: 2 Published: May 15, 2010 Show More Articles
An Experiment By AmiWorks