CipherSweet, fast searchable field-level encryption for PHP projects

CipherSweet is a backend library developed by Paragon Initiative Enterprises for implementing searchable field-level encryption. The library answers the question "How do we securely encrypt database fields but still use these fields in...

Webinar: Securing Your Infrastructure Before, During and After Deployment

Snyk is organizing a webinar on October 14, 2020 at 3:00 pm CET titled "Securing Your Infrastructure Before, During and After Deployment". There will be three speakers, from Snyk, Pulumi, and...

PHP Security Advent Calendar 2018

For the third year in a row, RipsTech has launched the PHP Security Advent Calendar; the 2018 edition analyzes security bugs in the most widespread WordPress plugins. The first two...

Apache: Why you should disable .htaccess

Sincerely, I can't agree with James Hayden that the $500 million website failed due to an Apache misconfiguration, because a half-billion website should not exist at all! But totally...

Symfony security: Disclosure of uploaded files full path

Fabien Potencier has just published a new security issue, CVE-2018-19789, related to the disclosure of the full path of uploaded files, which affects versions 2.7.0 to 2.7.49, 2.8.0 to 2.8.48, 3.0.0 to 3.4.19,...

Essential PHP Security and its web companion

Chris Shiflett has just announced the launch of the companion web site for his new book, Essential PHP Security. I have already announced the launch of...

PHP 7.2: The First Programming Language to Add Modern Cryptography to its Standard Library

Officially, Libsodium will be part of the core extensions of PHP 7.2, after the RFC vote last week passed with 37 Yes and 0 No! Sodium is a new, easy-to-use software library for...

The Spanner Blog: Bypassing XSSAuditor

The Spanner blog posted about bypassing XSS Auditor, a tool built into Chrome and IE and enabled by default to prevent XSS attacks or just doing some weird things to your page....

Understanding CIDRAM: An Overview of the Advanced Security Tool for Web Servers

CIDRAM (short for "Classless Inter-Domain Routing Access Manager") is a powerful web security tool that helps protect websites from malicious traffic. It uses a combination of IP blocking, HTTP header analysis,...

Top PHP Security and Malware Scanners

Hope you are not coming to this page on the day you are hit by malware! Because the day you discover that your server is compromised by malware...

Latest articles

Get Started with Laravel Volt: A Free Full Stack Laravel App...

Laravel Volt is an admin dashboard template that offers a comprehensive design and development toolbox for personal and commercial projects. It comes with handcrafted...