Posts marked with “security”

Security Corner: Circuit Breakers

by · December 3, 2020

 

If your application’s stability depends on the availability of a third-party system, the reliability of that external system becomes critical to the smooth operation of your own. The circuit breaker pattern is a proven way to protect against an unstable system causing problems with yours. Use it, and you won’t be surprised by an unplanned […]

 

Running Parallel

by · October 5, 2020

 

While we think of our scripts as running for one request at a time, PHP web applications handle multiple simultaneous requests. In this issue, we look at asynchronous programming using Swoole, handling serverless file uploads, implementing security headers, dealing with race conditions, and more.

 

Security Corner: Configurable Security

 

Having a tool like Mozilla’s Observatory scan the health of your site is useless if you lack the tools to properly secure it and pass the inspections in the first place. You can set most of the required settings directly in the source of your application.

 

Security Corner: Observable Security

by · September 1, 2020

 

Among the easiest ways to ensure your website or web application is behaving securely is to subject it to objective, third-party security scans. The Mozilla Observatory is one such tool that helps ensure strong security for any system operating on the public Internet. The Observatory automatically scans your website to make sure you correctly configure […]

 

Security Corner: Usable Security

by · August 6, 2020

 

An oft-overlooked aspect of any security practice or policy is its usability. Do the checks and controls added for the sake of security make it harder for end users to do their jobs? An unusable system will never be fully implemented and will fail to secure even the simplest of platforms.

 

Interview with Eric Mann, Security Corner contributor

by · June 23, 2020

 

In this episode, Eric van Johnson and John Congdon talk to Security Corner contributor Eric Mann about keeping your website secure. How a breach sparked his interest in security. The value of tokens and nonces. What area of security needs more attention. How to use end-to-end encryption for communication. Using Linux as your daily driver […]

 

Security Corner: Cross Site Request Forgery

by · June 4, 2020

 

Cross-site request forgery (CSRF) is a security risk where an attacker tricks a visitor into making a malicious request to your site from another, entirely unrelated site in their control. This particular vulnerability seemingly disappeared from most teams’ radars a few years ago but is beginning to reappear in the wild.

 

Advanced Design & Development

 

PHP adds syntax and slowly adapts to enable new programming techniques. Whether you are comfortable with imperative, object-oriented, or functional programming, the language makes it possible, and new syntax like arrow functions simplifies your code. This issue looks into asynchronous PHP, new Browser APIs, building REST APIs, callables and closures in PHP, CodeIgniter 4, and more!

 

Security Corner: Request Replay Protection

by · May 5, 2020

 

One of the most overused terms of security is “token.” It’s used in many different, often unrelated contexts to mean very different things. This month we’re going to discuss one form of tokens—replay prevention nonces—and how to use them.

 

Passwordless Authentication

 

Passwords are part of our everyday life. You may not even think about them most of the time, that is, until you forget one. What if you never had to use a password again? What if I told you it was more secure not to have a password? Would you believe me? Find out why […]