Security

Enrico Zimuel, Zend consultant in Italy, wrote an interesting article on how to create a secure login with Zend Framework. The sample application uses Zend_Form, Zend_Auth_Adapter_DbTable, Zend_Session, Zend_Config and Zend_Db_Table. The...

Sincerely, I can't agree with James Hayden that the $500 millions Healthcare.gov website failed due to an Apache misconfiguration, because a half billion website should not exist at all ! But totally...

PHP Git server exploit

Wordfence disclosed this week multiple vulnerabilities patched in the popular Responsive Menu WordPress plugin that exposed more than 100,000 sites to takeover attacks. The three vulnerabilities revealed grant attackers the ability...

Last week, one of the most popular Dark Web hosting services - Daniel’s Hosting - was attacked using a PHP zero-day exploit. The result : the server's root account was also deleted,...

Since the PHPSecInfo is no longer updated, there is a similar tool which is recent, updated and could provides you with common security best practices for your PHP installations. Written by...

GlobalPlatform is hosting a free webinar to outline the privacy and security benefits that secure elements bring for the protection of web apps. This webinar will offer insight into its new...

With just few weeks until PHP 5.6 EoL, PHPVatch checks top 1 million websites from Alexa Top 1 million sites which are leaking their PHP versions Only 4.88% of these websites have...

Officially, Libsodium will be part of the core extension of PHP 7.2 after RFC vote last week with 37 Yes and 0 No ! Sodium is a new, easy-to-use software library for...

As PHP developers, we have a responsibility to ensure that the code we write is secure and free from vulnerabilities. Failing to do so could result in serious consequences, from data...