Security has become more of a hot topic in the PHP community recently and PHPMaster.com has pulled together a list of resources you can read up on to get some great ideas for securing your application.
The unfortunate truth of the matter is there's no excuse for [the LinkedIn, Yahoo!, eHarmony and Last.fm] leaks; they would not have been possible if simple, well-known security precautions were taken. Are you protecting yourself and your applications by guarding against SQL-injection attacks? Are you filtering and validating user input? Are you properly hashing user passwords? I hope so! If not, read some of the security-focused articles PHPMaster has published throughout the past year and apply these best practices to your code today!
Articles in their list include:
- Why You Should Use Bcrypt to Hash Stored Passwords
- Input Validation Using Filter Functions
- Multi-Factor Authentication with PHP and Twilio
- Monitoring File Integrity
Check out the rest of the post for links to other great articles.