PHP’s long-standing security issue with OPCache leaking sensitive data Fixed
A very serious, long-standing security issue in PHP has been quietly fixed, going unnoticed until it was submitted to the OSS security mailing list. The vulnerability...
INISCAN, The PHP ini scanner for best security practices
Since PHPSecInfo is no longer updated, there is a similar tool that is recent, updated, and can provide you with common security best practices for your PHP installations. Written by...
Behind the Scenes of Wikipedia’s Migration to HHVM
As we have previously announced, Wikipedia migrated its platform to HHVM and we have found some interesting details on their experience posted by Ori Livneh in a Wikimedia blog post. Today...
Hardening Framework plans to support PHP
The Hardening Framework is a security automation framework that applies secure default configuration while allowing customization for each deployment. It adds a layer to your automation framework that configures your operating...
The Balancing Act of Web Security and Performance: How to Keep Your Website Safe...
In today's digital landscape, websites and web applications have become essential tools for businesses and individuals alike. With this increased reliance on online presence comes the need for robust security measures...
Essential PHP Security and its web companion
Essential PHP Security, by Chris Shiflett. Chris Shiflett has just announced the launch of PHPSecurity.org, the companion web site for his new book, Essential PHP Security. I have already announced the launch of...
HTML5 Security Realities
Brad Hill from PayPal shared some very interesting slides that he presented at W3Conf 2013, which was held in San Francisco on February 21 and 22. In the presentation you can find real...
74% of PHP Installations are unsecure, You should upgrade!
Anthony Ferrara, Google developer advocate, grabbed our attention this New Year's Eve with a blog post showing over 78% of unsecure PHP installs! That's pretty huge, especially if we know that...
SensioLabs Security Checker Version 5 recommended
If you are using SensioLabs Security Checker, make sure you are using only version 5, as Fabien Potencier recommends.
https://twitter.com/fabpot/status/1065864144732241920?s=09
The SensioLabs Security Checker is a command line tool that checks...
PHP Git server exploit, the Zero day bug that nobody wanted to buy