"This anthology collects articles first published in php[architec magazine. Each one touches on a security topic to help you harden and secure your PHP and web applications. Your users’ information is important, make sure you’re treating it with care.
Each month in php[architec magazine, experts from the PHP community and wider web development community share their knowledge and experience with our readers. Leverage their expertise in building and protecting websites for all types of organizations.
This anthology includes:
An overview of the attacks you should be familiar with and how to protect against exploits.
Using a PHP-based Intrusion Detection System to monitor and reject requests that attempt to breach your site.
How to protect against SQL Injection from user-supplied data by using prepared statements.
A case study in how the Drupal security team keeps core and contributed modules safe.
How to securely store passwords and understanding the techniques used to crack credentials.
Using OAuth 2.0 to connect to web services and fetch information for your users without asking for a password.
How web service security differs from traditional web application security and advice for effectively protecting one from malicious users.
Identifying the right kind of cryptography to implement in your application and doing it correctly.