I need to make sure that the PHP sites I administrate don’t have any common PHP flaws, like SQL injection, wrongly configured permissions on files and folders, etc. By site I mean, for example, a Joomla site with plugins and modules. Doing this security check manually can be time-consuming, and an automated test could be run on a daily basis just to make sure nothing has changed.
So my question is: is there any good automated software for this, or do I have to code one myself?
Using a fuzzer is a good idea. But you could also try coding an automated system yourself, as this will boost your knowledge about PHP and security issues/loopholes in your PHP sites.
I would personally use Google’s Skipfish and find out for yourself if there are problems, then build your own just for your needs and ease of use. Good luck!
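For the "make sure nothing has changed" part of the question, a daily check can record a baseline of permissions and content hashes for the site tree and report drift. The following is an added example, not code from either poster; the function names and the sample tree are constructed for illustration, and a POSIX filesystem is assumed.

```python
import hashlib
import os
import stat
import tempfile

def snapshot(root):
    """Map each path under root to (permission bits, SHA-256 or None for dirs)."""
    snap = {}
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # symlinks are not followed or recorded
            digest = None
            if stat.S_ISREG(st.st_mode):
                with open(path, "rb") as fh:
                    digest = hashlib.sha256(fh.read()).hexdigest()
            snap[os.path.relpath(path, root)] = (stat.S_IMODE(st.st_mode), digest)
    return snap

def world_writable(snap):
    """Paths any local user can modify (the 'other' write bit is set)."""
    return sorted(p for p, (mode, _) in snap.items() if mode & stat.S_IWOTH)

def diff(baseline, current):
    """Report paths added, removed, or changed (mode or content) since baseline."""
    shared = set(baseline) & set(current)
    return {"added": sorted(set(current) - set(baseline)),
            "removed": sorted(set(baseline) - set(current)),
            "changed": sorted(p for p in shared if baseline[p] != current[p])}

def put(path, text, mode=0o644):  # writes a constructed sample file
    with open(path, "w") as fh:
        fh.write(text)
    os.chmod(path, mode)

def demo():
    """Constructed site tree: take a baseline, simulate drift, audit again."""
    with tempfile.TemporaryDirectory() as root:
        plugins = os.path.join(root, "plugins")
        os.mkdir(plugins, 0o755)
        put(os.path.join(root, "index.php"), "<?php echo 'home';")
        baseline = snapshot(root)
        os.chmod(plugins, 0o777)                        # permission drift
        put(os.path.join(plugins, "new.php"), "<?php")  # unexpected new file
        put(os.path.join(root, "index.php"), "<?php echo 'edited';")  # edit
        current = snapshot(root)
        return world_writable(baseline), world_writable(current), diff(baseline, current)
```

In real use, store the baseline outside the web root after each legitimate update, so an entry under "added" or "changed" means a file was touched outside a known deployment.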