PHP Security Resources
These resources are a good start for anyone learning secure PHP programming practices.
Pro PHP Security (Chris Snyder and Michael Southwell) Comprehensive book, including secure hosting practices
Essential PHP Security (Chris Shiflett) Concise, clear explanation of web security concepts, teaching “filter input, escape output” clearly.
php|architect’s Guide to PHP Security (Ilia Alshanetsky) Contains detailed discussion of cross-site scripting (XSS) defenses
PHP Architect magazine’s monthly “security corner” column
Chris Shiflett’s PHP & Web Application Security Blog
PHP manual’s security page
Web Application Security Consortium mailing list
Share with digg/del.icio.us:These icons link to social bookmarking sites where readers can share and discover new web pages.
