No doubt PHP is a strong language and it gain power during its evaluation.But there are too much security risks in PHP.Most common are :
1-Invalidated Input Errors
2-Access Control Flaws
3-Session ID Protection
4-Cross Site Scripting (XSS) Attacks
5-SQL Injection Vulnerabilities
6-Error Reporting
7-Data Handling Errors
8-PHP configuration settings
As PHP is open-sourse server-side scripting language, it is most often uses in web applications and database-driven web site which obviously have critical data.So malicious users always try to find holes in its security, in other word this open-source is in focus of attackers.Thus it becomes the responsiblity of developer to minimize the securiy risks in product.
章 23. 总则
绝对安全的系统是不存在的,因此安全业界常用的方法有助于平衡可用性和风险。对用户提交的每一个变量都进行双重验证可能是一个很负责任的行为,但会导致用户必须花很多时间去填写一张复杂无比的表格,从而迫使某些用户尝试绕过安全机制。
最好的安全机制应该能在不防碍用户,并且不过多地增加开发难度的情况下做到能满足需求。实际上,一些安全问题往往会发生在这种过度强化安全机制的系统上。
不要忘记著名的等强原则:一个系统的的强度是由它最薄弱的环节决定的(译者注:相当于木桶原理)。如果所有的事务都基于时间、地点、事务种类进行详细的记录,而用户验证却只依靠一个 cookie,那么用户所对应的事务记录的可信度就被大大剥弱了。
调试代码的时候一定要记住,就算是一个简单的页面也很难对所有可能发生的情况进行检测:对你不满的雇员不一定会输入如你所愿的东西,黑客也有足够的时间研究你的系统,当然,你的宠物猫也会跳到你的键盘上。这就是为什么必须检查所有的代码,去发现哪里可以引入不正当的数据,然后对代码改进、简化或者增强。
互联网上充满了为了成名而破坏你的代码、攻击你的网站并输入不正当数据的人,总之他们会使你的生活充满乐趣。无论是大网站还是小网站,只要能和互联网连接,就会成为一个目标。很多黑客程序并不理会网站的大小,只会机械地扫描 IP 地址并找寻受害者。我们希望那个不要是你。
add a note
User Contributed Notes
Abdul Basit
30-Jul-2007 05:59
30-Jul-2007 05:59
Andreas R dot newsgroups2005 at geekmail dot de
04-Apr-2007 05:02
04-Apr-2007 05:02
In reply to: yairl at savion dot huji dot ac dot il (Important Security Note for emacs users)
> in apache webserver you can deny access to these files with the following configure order
> <File "*~">
> Deny all
> </File>
If you want to use .htaccess file, it should be:
<Files "*~">
Deny from all
</Files>
But then don't forget to set AllowOverride All (for the directory in question), e.g.
<Directory /var/www/localhost/htdocs>
AllowOverride All
</Directory>
since with the (default?) AllowOverride None the .htaccess files are ignored, see
http://issues.apache.org/bugzilla/show_bug.cgi?id=41760
ms_sux_2000 at hotmail dot com
11-Dec-2006 05:34
11-Dec-2006 05:34
Emacs doesn't require an X server to run, you can use the command line option '-nw' to start emacs in that console. Also portmap isn't required by an X server nor emacs (except maybe for special optional packages).
lesley_b_linux at yahoo dot co dot uk
18-Oct-2006 02:19
18-Oct-2006 02:19
In answer to the first poster here, you shouldn't really be developing within the tree of a live Internet facing web server at all ever.
All Linux distro's I have come across have the capability of running Apache on the localhost so at it's simplest level you should :-
0. Get the latest web site code from your version control system.
1. Do your development using the localhost web server
2. Check in your new site code to the version control system you are running.
3. Upload only the new or updated files to the active webserver
You can use anything from ftp to sitecopy to upload your files and most advanced site copying tools allow you to ignore *.bak *~ or even entire directories if you need to.
If you must develop on the server, then ssh in and use vi but look out for disconnects leaving vi .*.swp files aorund. (Why use vi? Because then you aren't exposing the web server to further insecurity by running the portmap deamon for the X-server required for emacs. )
That's speaking as someone who uses both emacs and vi.
yairl at savion dot huji dot ac dot il
25-Apr-2006 10:14
25-Apr-2006 10:14
Important Security Note for emacs users
Many linux/unix developers like the emacs editor to write code. It's a great editor with many features for PHP/Perl developers. emacs by default creates a back up file ending with ~. Then when you create a file myprogram.php it creates a back up file myprogram.php~ . You can change this default behavoir to avoid emacs creates this file but many people prefer to keep this default. The problem is that through the webserver people can load this file ending with ~ and can see your php code because the webserver doesn't parser this file as php type due to the ~. This behavoir is a strong security hole, it permits to everybody to see and hack your code. i recommend to emacs users to deny access to files ending with ~ in general to avoid this problem.
In general PHP developers must check that the editor they are using is not creating a file beside the php source file without the end file name .php necessary for the webserver to parser it as php application.
in apache webserver you can deny access to these files with the following configure order
<File "*~">
Deny all
</File>
henke dot andersson at comhem dot se
25-Dec-2005 08:53
25-Dec-2005 08:53
A good tactic to employ is the "least privileged needed" aproatch. If a aplication is only reading from a particular table in a particular database, it should have a account that can do exactly that and no more.