Posts marked with “security”
Community Corner: Exposed Secrets with Dwayne McDaniel
In this episode, we speak with Dwayne McDaniel about exposed secrets in our GitHub repositories and figuring out when we’ve been compromised using Honeytoken. Links: Dwayne’s site – https://dwayne-mcdaniel.com/ Verizon’s Data Breach Investigations Report – https://www.verizon.com/business/resources/reports/dbir/ GitGuardian Blog – https://blog.gitguardian.com/ HoneyBadger.io – https://HoneyBadger.io Our Discord – https://discord.gg/aMTxunVx Buy our shirts – https://store.phparch.com/products/community-corner-podcast-t-shirt Scott’s Social […]
PHP Security in 2025: Lessons from the Core Security Audit
Picture this: You’re responsible for a piece of software that powers nearly three-quarters of all websites on the internet. Every day, billions of people interact with applications built on your platform. The responsibility is staggering – and so is the target on your back. This was the reality facing The PHP Foundation in 2024 when […]
Are You Down With CSP?
CSP is the Content Security Policy for your website’s pages. Think of it as a foreman on a construction site, checking all the material loads coming to the gate, verifying that they meet the requirements and sources defined by you, the architect. Accepting pine paneling for oak paneling in the specs would be disastrous for […]
The PHP Podcast: 2025.03.06 Explaining Explain
This week on the PHP Podcast, Eric and John talk about Explain Explained, Postgres All The Things, Livewire Remote Code Execution, Lazy Object, and more… Links from the show: Understanding MySQL Queries with Explain I replaced my entire tech stack with Postgres… – YouTube RCE Via User-Crafted Requests · Advisory · livewire/volt · GitHub […]
The php[podcast] 2024.11.7: PHP for Fun and PHProfit
This week on the PHP Podcast, Eric and John talk about New Features in PHP 8.4, The Magic Behind Laravel’s defer(), Doctrine Introduces EnumType Columns, Serialization/Deserialization, Laravel’s Nightwatch, PHPTek 2025, and more… Links from the show: PHP 8.4: new features and release date The magic behind Laravel’s new defer() helper — Amit Merchant — A […]
Security Corner: Classifying Ransomware
One of the terrifying new developments in technology is the high prevalence of ransomware—criminals using software to hold your data or information systems hostage. by Eric Mann
World Backup Day
Scott Keck-Warren has a contribution in honor of this month’s World Backup Date, Backups For Beginners. Follow along for some inspiration in making sure you have a complete backup system. Ken Marks continues his series, How to Hack Your Home with a Raspberry Pi, with an article showing how to actually hook up your accelerometer […]
Security Corner: Understanding Supply Chain Security
In the physical world, it’s relatively easy to understand what a supply chain looks like—the security of physical goods in transit is a straightforward concept. This kind of security in the digital world can be harder to recognize but is just as critical.
Parallelize Your Code
This month’s release touches on some examples that keep PHP and its community strong, relevant, and a fun language to code. Ken Marks continues his series on using PHP and a Rasberry Pi in a real-world example with Raspberry Pi Part 2 – Installing the LAMP Stack on your Pi. As developers, we live a […]
Parallelize Your Code
There are a lot of things you can say about PHP and trust me a lot has been said about PHP, but the one thing you can not say is that it hasn’t proven itself. PHP has grown with the internet itself and has the battle scars to show for it.