Secure by Design – June 2017

This issue packs in security-related articles with a focus on designing security into your applications from the start. It occurs to me that it’s a little ironic for PHP, since the early days of the language were littered with insecure-by-design features. Who doesn’t remember register_globals, magic_quotes, and session IDs in the query string? There are still gotchas left to trip you up if you forget to use prepared statements with your database queries or allow URL includes without whitelisting them first. But we’ve come a long way and, as the PHP community has matured, we’ve learned the security pitfalls to avoid.
