
Security Principles for PHP Applications: A php[architect] guide

Security is an ongoing process, not something to add right before your app launches. In this book, you'll learn how to write secure PHP applications from first principles. Why wait until your site is attacked or your data is breached? Prevent your exposure by being aware of the ways a malicious user might hijack your web site or API.

Security Principles for PHP Applications is a comprehensive guide. This book contains examples of vulnerable code side-by-side with solutions to harden it. Organized around the 2017 OWASP Top Ten list, topics covered include:
Injection Attacks
Authentication and Session Management
Sensitive Data Exposure
Access Control and Password Handling
PHP Security Settings
Cross-Site Scripting
Logging and Monitoring
API Protection
Cross-Site Request Forgery
...and more.

Written by PHP professional Eric Mann, this book builds on his experience in building secure web applications with PHP.


About the Author

Eric is a seasoned web developer experienced with multiple languages and platforms. He’s been working with PHP for more than a decade and focuses his time on helping developers get started and learn new skills with their tech of choice. Eric works as a Tekton for Tozny, a privacy and security-focused startup in the Portland area. You can reach out to him directly via Twitter @EricMann.

204 pages, Paperback

Published December 18, 2017

3 people want to read

About the author

Eric Mann

34 books, 3 followers
Eric Mann is director of the Los Angeles–based Labor/Community Strategy Center and cofounder of the Bus Riders Union. He is the author of six books and has worked extensively with many organizations, including the Congress of Racial Equality, Students for a Democratic Society, and the United Auto Workers. He lives in Los Angeles.


Community Reviews

5 stars: 3 (75%)
4 stars: 1 (25%)
3 stars: 0 (0%)
2 stars: 0 (0%)
1 star: 0 (0%)
Displaying 1 of 1 review
47Time
3,459 reviews, 95 followers
January 22, 2018
The book does a good job of presenting the ten application security risks from OWASP Top Ten in 2017, plus several more less-common risks that can't be ignored. In each case the risk is detailed, followed by example vulnerable code and a fix for the vulnerability. Each section closes with notable examples where the vulnerability existed in real-life code. There are also basic recommendations on how to organize a team that can create more secure code. Basic knowledge of security and coding is required, but you don't have to be a rocket scientist to pick up the book.