Symfony security: Disclosure of uploaded files full path
Fabien Potencier has just published a new security issue, CVE-2018-19789, related to the disclosure of the full path of uploaded files, that affects versions 2.7.0 to 2.7.49, 2.8.0 to 2.8.48, 3.0.0 to 3.4.19,...
SourceGuardian 12 Released With Full PHP 8 Support
SourceGuardian 12 has just been released with full support for all the new PHP 8 language features. The new version now supports PHP 8 encoding, in addition to named parameters, attributes, union...
The Balancing Act of Web Security and Performance: How to Keep Your Website Safe...
In today's digital landscape, websites and web applications have become essential tools for businesses and individuals alike. With this increased reliance on online presence comes the need for robust security measures...
Top PHP Security and Malware Scanners
Hope you are not coming to this page the day you are hit by malware! Because the day you discover that your server is compromised by malware...
Google Announces the end of SHA-1
The first SHA-1 collision has just been announced in a blog post by a team from Google and CWI Amsterdam. In cryptography, SHA-1 (Secure Hash Algorithm 1) is a cryptographic hash...
Behind the Scenes of Wikipedia’s Migration to HHVM
As we have previously announced, Wikipedia migrated its platform to HHVM and we have found some interesting details on their experience posted by Ori Livneh in a Wikimedia blog post. Today...
Cryptographically Secure PHP Development
Paragon Initiative Enterprises shared an interesting piece on Cryptographically Secure PHP Development. The article could be considered an additional resource to the rules for programming cryptography code in C and points to...
10 Common PHP Security Vulnerabilities and How to Prevent Them
As PHP developers, we have a responsibility to ensure that the code we write is secure and free from vulnerabilities. Failing to do so could result in serious consequences, from data...
Essential PHP Security Book Reviewed
I announced this book when it was first published in December 2005, nine years ago or almost! Today we are sharing with you a more detailed review of this...
Snuffleupagus, Experimental Security Module for PHP7
Snuffleupagus is a PHP7 module designed to drastically raise the cost of attacks against websites. This is achieved by killing entire bug classes and providing a powerful virtual-patching system, allowing the...