Reply to Re: Another question about Security — PHP Programming Language

Posted by Mike P2 on 05/05/07 22:00

On May 5, 5:37 pm, "alvarojavierv...@gmail.com"
<alvarojavierv...@gmail.com> wrote:
> What is best way that you use (technique) to get safe
> (may be your site or system)?

That depends almost completely on what your site does and how it is
done. For general things, you can disable PHP's register_globals
option (you'll find that in php.ini, or you can write a short snippet
that unregisters the globals like phpBB forums do, or .htaccess can
sometimes help with PHP switches) and mysql_real_escape_string()
specific input before inserting into your database to prevent SQL
injection (magic_quotes may be enabled already, it's preferable to
disable that and escape stuff yourself so you can be sure it's working
all of the time).

You can also give mod_security a try, some hosts implement it
(DreamHost does). It covers a some things you might miss.
http://www.modsecurity.org/projects/modsecurity/apache/index.html

-Mike PII

[Back to original message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация