PHP MySQL Security Best Practices For Your Website and Server

Learn best practices for securing your PHP and MySQL websites and applications. Here are the resources:

http://php.net/manual/en/security.php

http://developer.yahoo.com/security/

http://www.phpfreaks.com/tutorial/php-security

http://phpsec.org/php-security-guide.pdf

Duration : 0:4:47


[youtube 7bQqCOQmuuc]

25 Responses to “PHP MySQL Security Best Practices For Your Website and Server”

  1. skierplaterandy on May 23rd, 2010 at 12:33 pm

    @ra2yuri4 ah, good point.
    I don’t use Shaw either, but it’s a really popular ISP in the states I think.
    If you blocked out 1000 potential customers from your site every time you had someone try and hack it, you’re placing your site in a hard spot. A more popular site would probably have a lot of attempts to hack it. Idk, my site isn’t popular enough for me to get actual figures.

  2. So a “friend” told me he could hack my site in 2 seconds. I don’t get it. My site is an info site for legal information. Other than erase what’s there, what could he possibly do to my site?

    And yes I thought it was a very douche bag thing to even say. I mean, why even say something like that. That’s like saying, “oh hey I can screw your sister.” I mean come on.

  3. @skierplaterandy

    I actually did hear about that. I do think there is something already done about it though. I heard it was “IP reset” or something of the kind. I’m not familiar with how it works.

    I also don’t use ShawCable. And that sounds impossible, unless the company only had 999 IPs to share. From what I know, most ISPs have a range from 15,700,000-60,000,000 different IPs around the world, and can only share a certain amount depending on where you live.

  4. skierplaterandy on May 23rd, 2010 at 12:33 pm

    @ra2yuri4 no, I’m not talking about static IPs. I’m talking about “machine names.”

    It was referred to in GRC’s “Shields Up” tester, I’m just not entirely sure if you could use it as a way to block certain computers.
    The website also refers to it as a “reverse DNS.”

    And think, what if a website blocked all users of Shaw Cable. A lot of traffic in north America goes through their service even if they aren’t using that ISP, and thousands do use it.

  5. @skierplaterandy there are billions of ISPs and IP addresses in the world. Maybe 3 or 4 people may be restricted, but that is such a small number, and the chances of anyone in that range viewing your website are extremely low.

    Also, with IPv6 on its way, this will all be a thing of the past~

    and what you’re describing, is static-IP.

  6. skierplaterandy on May 23rd, 2010 at 12:33 pm

    @ra2yuri4 yes, then the site developer shoots himself in the foot as he bans an entire ISP from viewing his website :)
    There is another way though, a lot of ISPs give a user a specific ID that sticks with them for the life of their use, I’m not exactly sure how it works, but it is transferred to the server, and it’s unique to you always.

  7. @skierplaterandy that doesn’t work anymore. At least, not on the world wide web today. There are many ways around it.

    It’s called dynamic-IP range.

    Your ISP provides you a range of IP’s, starting with xxx.yyy.zzz.(last 3 here). The most common way to ban a dynamic IP and making sure the same user with dynamic doesn’t unplug his modem for a new one, you can block ip’s by range.

  8. Ya those people are douche bags.

  9. Well said bro!

  10. new intro don’t work on 360p for moi

  11. TheNerdyFreak on May 23rd, 2010 at 12:33 pm

    Like the new intro ;) Much better than the old 1!

  12. skierplaterandy on May 23rd, 2010 at 12:33 pm

    dynamic IP addresses :)

  13. This is what I needed, Thank you Adam

  14. littlestar1562 on May 23rd, 2010 at 12:33 pm

    @MrShawnlloyd you mean crackers….shhh

  15. Like the new intro

  16. Great links Adam. Hackers just plain suck, they have nothing of value so they decide to try to make great things suck as bad as they do

  17. webmastertool on May 23rd, 2010 at 12:33 pm

    Nice intro.

  18. This is kick-ass at its best! You go Adam.

  19. Awesome intro!

  20. 2:59 talking about jasonmaster? lol..and sweet intro, thanks for the tip!

  21. love the intro!!!

  22. I like this intro much better, increase the fps though

  23. New intro is AWESOME!

  24. VideosThatHelp on May 23rd, 2010 at 12:33 pm

    Love The New Intro :) i <3 Adam LOl

  25. Nice Intro!!!
