PHP Security Resources

These resources are a good start for anyone learning secure PHP programming practices.

  • Pro PHP Security (Chris Snyder and Michael Southwell) Comprehensive book, including secure hosting practices
  • Essential PHP Security (Chris Shiflett) Concise, clear explanation of web security concepts, teaching “filter input, escape output” clearly.
  • php|architect’s Guide to PHP Security (Ilia Alshanetsky) Contains detailed discussion of cross-site scripting (XSS) defenses
  • PHP Architect magazine’s monthly “security corner” column
  • Chris Shiflett’s PHP & Web Application Security Blog
  • PHP manual’s security page
  • Web Application Security Consortium mailing list
    1. No comments yet.
    1. No trackbacks yet.