Hacker News
- Show HN: Airship, a modern and secure CMS written in PHP 7 (1st Beta) https://paragonie.com/project/airship 8 comments
- On Security and PHP http://devzone.zend.com/7052/on-security/ 3 comments
- How to Securely Allow Users to Upload Files (PHP) https://paragonie.com/blog/2015/10/how-securely-allow-users-upload-files 2 comments
- Building Secure Web Applications in PHP https://resonantcore.net/blog/2015/02/building-secure-web-applications-in-php 2 comments
- Creator of PHP talks to Digg about performance and security http://about.digg.com/blog/rasmus-lerdorf-php-performance 58 comments
- Secure File Upload in PHP Applications http://www.scribd.com/vacuum?url=http%3A%2F%2Fwww.scanit.be%2Fuploads%2Fphp-file-upload.pdf 7 comments
- Show HN: Bearer Code Security Scanner Add Support for Java, PHP, Go, and Python https://github.com/Bearer/bearer 2 comments
- Node security do you even care? I feel like I’m living in a PHP-induced nightmare https://blog.sqreen.io/nodejs-security-state/ 5 comments node
- php security question https://server.url/location/file.php?function=delete-everything 44 comments php
- Introducing Cupcake - Secure Form Handling Library for PHP 8 https://soatok.blog/2022/07/06/introducing-cupcake/ 27 comments php
- Open Source PHP Code Security Scanner https://app.scanmycode.today/project/068763b7c6204571ac14b9690a0483ed 8 comments php
- dompdf security alert: RCE vulnerability found in PHP PDF library https://snyk.io/blog/security-alert-php-pdf-library-dompdf-rce/ 7 comments laravel
- Possible security issue involving the Firebase JWT library for PHP (Algorithm Confusion with Key IDs) https://github.com/firebase/php-jwt/issues/351 47 comments php
- PHP Curl Security Hardening https://php.watch/articles/php-curl-security-hardening?r 5 comments php
- How to implement password recovery securely in PHP https://nicolasfar.medium.com/how-to-implement-password-recovery-securely-in-php-db2275ab3560 31 comments php
- Detect PHP security vulnerabilities with Psalm https://psalm.dev/articles/detect-security-vulnerabilities-with-psalm 12 comments netsec
- The 2018 Guide to Building Secure PHP Software https://paragonie.com/blog/2017/12/2018-guide-building-secure-php-software 3 comments webdev
- The 2018 Guide to Building Secure PHP Software https://paragonie.com/blog/2017/12/2018-guide-building-secure-php-software 187 comments netsec
- PHP Secure Sessions https://www.reddit.com/r/webdev/comments/75bm0v/php_secure_sessions/ 7 comments webdev
- How do you use PHP sessions in a safe and secure way? https://www.reddit.com/r/webdev/comments/69vc4f/how_do_you_use_php_sessions_in_a_safe_and_secure/ 11 comments webdev
- Cryptographically Secure PHP Development https://paragonie.com/blog/2017/02/cryptographically-secure-php-development 21 comments netsec
- On the (in)security of popular open source Content Management Systems written in PHP https://paragonie.com/blog/2016/08/on-insecurity-popular-open-source-php-cms-platforms 24 comments netsec
- MongoDB security – Injection attacks with php http://blog.securelayer7.net/mongodb-security-injection-attacks-with-php/ 21 comments netsec
- Securely Implementing (De)Serialization in PHP https://paragonie.com/blog/2016/04/securely-implementing-de-serialization-in-php 26 comments netsec
- Building Secure Web Applications in PHP https://appsec.solutions/blog/2015/09/building-secure-web-applications-in-php 3 comments programming
- Suhosin security extension for PHP comes back from the dead http://ckon.wordpress.com/2014/07/19/suhosin-newest-php-security/ 7 comments programming
- Secure PHP User and Password Management. As a beginner I found this very informative. http://www.openwall.com/articles/php-users-passwords 26 comments webdev
- PHP 'magic_quotes_gpc' Directive Security Bypass Weakness http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-0831 11 comments netsec
- Dissecting the Critical PHP Remote Vuln Introduced in Security Patch for Hashtable Collision DOS http://thexploit.com/secdev/critical-php-remote-vulnerability-introduced-in-fix-for-php-hashtable-collision-dos/ 15 comments programming
- Local Session Poisoning in PHP Part 1: The Basics of Exploitation and How to Secure a Server http://ha.xxor.se/2011/09/local-session-poisoning-in-php-part-1.html 2 comments netsec
- Pretty comprehensive PHP security checklist of mine http://www.sk89q.com/2009/08/definitive-php-security-checklist/ 80 comments programming
- Debian breaks PHP Suhosin Security Feature http://www.suspekt.org/2010/02/27/debian-breaks-suhosin-security-feature/ 20 comments linux
- Handling of a security vulnerability in PHP (Hint: it's scary) http://use.perl.org/%7Earistotle/journal/33448 47 comments programming
- Intro to basic web application security: (Sqli, XSS, CSRF, LFI, proper password hashing, MITM (HTTPS), Command injection, XXE, error reporting) and other helpful tips. Examples are in PHP but applicable to other languages. https://www.raeder.technology/post/intro-to-basic-web-application-security 37 comments webdev
- Is PHP Insecure? With 60 bugs last month there might be some concerns...but then again it's up to developers to secure PHP right?? http://www.developer.com/features/article.php/3885946/php-remains-strong-despite-security-flaws.htm 76 comments programming
- protected routes and security - first php project https://pastebin.com/uZKRE1W3 7 comments phphelp
- THT v0.7 - A re-design of PHP that makes it more secure and easier to use https://tht.dev 5 comments webdev
- Secure random numbers for PHP developers (x-post from /r/PHP) http://timoh6.github.io/2013/11/05/secure-random-numbers-for-php-developers.html 3 comments netsec
- Around 62 percent of all Internet sites will run an unsupported PHP version in 10 weeks - The highly popular PHP 5.x branch will stop receiving security updates at the end of the year https://www.zdnet.com/article/around-62-of-all-internet-sites-will-run-an-unsupported-php-version-in-10-weeks/ 80 comments webdev
- Just a reminder that PHP 5.x is no longer actively supported and will cease to receive bug fixes, only security fixes for two more years will be provided. That mostly leaves PHP 7.0 and 7.1 as the only supported versions of PHP out there. Time to upgrade! https://secure.php.net/supported-versions.php 62 comments webdev