Security Principles for PHP Applications

Security is an ongoing process not something to add right before your app launches. In this book, you'll learn how to write secure PHP applications from first principles. Why wait until your site is attacked or your data is breached? Prevent your exposure by being aware of the ways a malicious user might hijack your web site or API. Security Principles for PHP Applications is a comprehensive guide. This book contains examples of vulnerable code side-by-side with solutions to harden it. Organized around the 2017 OWASP Top Ten list, topics cover include: Injection Attacks Authentication and Session Management Sensitive Data Exposure Access Control and Password Handling PHP Security Settings Cross-Site Scripting Logging and Monitoring API Protection Cross-Site Request Forgery ...and more. Written by PHP professional Eric Mann, this book builds on his experience in building secure, web applications with PHP.