PHP 7.2: The First Programming Language to Add Modern Cryptography to its Standard Library

Officially, Libsodium will be part of the core extensions of PHP 7.2 after the RFC vote last week, with 37 Yes and 0 No! Sodium is a new, easy-to-use software library for...

Responsive Menu Plugin Exposed Hundred Thousand Websites to High Security Risk

Wordfence disclosed this week multiple vulnerabilities patched in the popular Responsive Menu WordPress plugin that exposed more than 100,000 sites to takeover attacks. The three vulnerabilities revealed grant attackers the ability...

Composer Security Hardening

Composer is the de facto dependency manager for PHP. It is great software developed by brilliant people, and Composer security has the necessary precautions in place to prevent...

Apache: Why you should disable .htaccess

Sincerely, I can't agree with James Hayden that the $500 million website failed due to an Apache misconfiguration, because a half-billion website should not exist at all! But totally...

INISCAN, The PHP ini scanner for best security practices

Since PHPSecInfo is no longer updated, there is a similar tool which is recent, updated, and could provide you with common security best practices for your PHP installations. Written by...

Snuffleupagus, Experimental Security module for PHP7

Snuffleupagus is a PHP7 module designed to drastically raise the cost of attacks against websites. This is achieved by killing entire bug classes and providing a powerful virtual-patching system, allowing the...

Cryptographically Secure PHP Development

Paragon Initiative Enterprises shared an interesting piece on Cryptographically Secure PHP Development. The article could be considered an additional resource to the rules for programming cryptography code in C and points to...

SourceGuardian 12 Released With Full PHP 8 Support

SourceGuardian 12 has just been released with full support for all the new PHP 8 language features. The new version now supports PHP 8 encoding, in addition to named parameters, attributes, union...

Ciphersweet, Fast searchable field-level encryption for PHP projects

CipherSweet is a backend library developed by Paragon Initiative Enterprises for implementing searchable field-level encryption. The library comes to answer the question "How do we securely encrypt database fields but still use these fields in...

The PHPHack that Broke Password Hashing

PHP recently suffered a bug in its password hashing algorithm that could lead to security vulnerabilities in applications. The bug, which was discovered and reported by researchers from Paragon Initiative Enterprises,...


Latest articles

Get Started with Laravel Volt: A Free Full Stack Laravel App...

Laravel Volt is an admin dashboard template that offers a comprehensive design and development toolbox for personal and commercial projects. It comes with handcrafted...