Best Practices

As PHP developers, we have a responsibility to ensure that the code we write is secure and free from vulnerabilities. Failing to do so could result in serious consequences, from data...

The first SHA1 collision have just been announced in a blog post by a team from google and CWI Amsterdam. In cryptography, SHA-1 (Secure Hash Algorithm 1) is a cryptographic hash...

Paragon Initiative Enterprises shared an interesting piece to Cryptographically Secure PHP Development. The article could be considered as additional resources to rules for programming cryptography code in C and point to...

The PHP Security Consortium was first launched in 2005, but since that date the initiative didn't see any new development even if it contributed with many interesting security resources to the...

Brad Hill from Paypal, shared a very interesting slides that he presented during W3Conf 2013, which was held in San Fransisco on February 21, and 22. In the presentation you can find real...

Sincerely, I can't agree with James Hayden that the $500 millions Healthcare.gov website failed due to an Apache misconfiguration, because a half billion website should not exist at all ! But totally...

The Hardening Framework is a security automation framework that applies secure default configuration while allowing customization for each deployment. It adds a layer into your automation framework, that configures your operating...

GlobalPlatform is hosting a free webinar to outline the privacy and security benefits that secure elements bring for the protection of web apps. This webinar will offer insight into its new...

Anthony Ferrara, Google developer advocate, grabbed our attention this new year's eve with a blog showing over 78% of unsecure PHP installs ! That's pretty huge, especially if we know that...

Essential PHP Securityby Chris ShiflettChris Shiflett have just announced the launch of PHPSecurity.org, the companion web site for his new book, Essential PHP Security. I have already announced the launch of...