Click for Details
Browse and upload photos of events, at the
NYPHP flickr Group.
Link up with NYPHP at the
PHP LinkedIn Group.
prev: Saving Mongos and Scaling with MongoDB, PHP and Document-Oriented Databases
next: Bootup #4 - The NY Technology Startup Community
php meetup
Anyone involved in web application development over the last five years should be aware of the security ecosystem surrounding PHP. Often overhyped, sometimes dramatic, and always interesting, the topics of PHP and security are usually linked at the hip, and a favorite comedy topic for those involved with other languages.
While PHP has made some security mistakes in the past, the focus of criticism is often misguided. The applicable codebase for the security notices - whether it be the PHP core, an extension, or an application - is forgotten and PHP as a whole gets one more strike.
PHP also provides great power and flexibility. But with it, comes great responsibility. As with any application living on the internet, it's the entire support staff's responsibility architect, developer, and administrator - to ensure an application meets organization security requirements.
In this talk, Hans Zaunere, Managing Member, New York PHP, provides tips, tricks, and fundamental best practices from the trenches for ensuring your code and LAMP deployment isn't caught off guard. He'll then review the PHP security ecosystem and available resources, debunk myths, and reveal some surprising facts that could leave you thinking PHP is one of the most secure languages available today.
PHP and LAMP Security Best Practices - or Why PHP IS Secure
Learn the fundamentals for keeping your Apache, MySQL and PHP deployment secure and reliable.
October 31st, 2009
This was presented at the PHP Barcelona 2009 Conference.Anyone involved in web application development over the last five years should be aware of the security ecosystem surrounding PHP. Often overhyped, sometimes dramatic, and always interesting, the topics of PHP and security are usually linked at the hip, and a favorite comedy topic for those involved with other languages.
While PHP has made some security mistakes in the past, the focus of criticism is often misguided. The applicable codebase for the security notices - whether it be the PHP core, an extension, or an application - is forgotten and PHP as a whole gets one more strike.
PHP also provides great power and flexibility. But with it, comes great responsibility. As with any application living on the internet, it's the entire support staff's responsibility architect, developer, and administrator - to ensure an application meets organization security requirements.
In this talk, Hans Zaunere, Managing Member, New York PHP, provides tips, tricks, and fundamental best practices from the trenches for ensuring your code and LAMP deployment isn't caught off guard. He'll then review the PHP security ecosystem and available resources, debunk myths, and reveal some surprising facts that could leave you thinking PHP is one of the most secure languages available today.
Resources
RELATED PRESENTATIONS
free PHP thumbnail maker CSS & Javascript minify gzip pipeline online API and console
Free API and developer tools console for PageSpeed optimization.