I want to make a new PHP web application. If I follow the following things,
is my site then safe?
- Escape user input ($_GET && $_POST) with addslashes
- Make prepared statements with PDO
- Check user input for the right type (e.g. int or string)
Security is not something that can be bolted on – it’s a constant process of improvement.
addslashes will not help you – you need to be escaping the output with htmlentities. There are many more things to consider for security like XSS, CSRF…
If you can, get the book The Web Application Hacker’s Handbook: Discovering and Exploiting Security Flaws. It’s full of useful advice.
And, I’ll say it again – security is not a feature – it’s a measurement. There is no 100% secure application (or anything, actually). The assumption of security is to make breaking it more expensive than what’s behind it – if your site is dealing with money – you need more security – if you are dealing with gift cards – you might get away even without doing the things you suggested (which would be a very bad idea, but still).
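The points raised in the question and the answer (type-check input, bind parameters with PDO instead of relying on addslashes, HTML-escape at output time, and protect forms against CSRF) put together as an added, self-contained PHP example. This is not code from the original question or answer; it uses an in-memory SQLite database and a constructed `users` table so it runs offline, and the function names (`parseUserId`, `findUserById`, `h`, `csrfToken`, `checkCsrf`) are my own.

```php
<?php
// Added example, not from the original post. Runs offline against an in-memory
// SQLite database; the table and its rows are constructed below.
declare(strict_types=1);

// 1. Validate the type before the value reaches the query. Anything that is
//    not a positive integer is rejected, so "1 OR 1=1" never gets that far.
function parseUserId(string $raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// 2. Bind the value instead of concatenating it into the SQL string.
//    The pattern to avoid is:  "SELECT ... WHERE id = " . addslashes($raw)
//    A bound parameter is sent separately from the statement text, so no
//    escaping function is needed and none can be forgotten.
function findUserById(PDO $db, int $id): ?array
{
    $stmt = $db->prepare('SELECT id, name FROM users WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// 3. Escape for HTML at the point of output, not when the data is stored.
//    ENT_QUOTES also encodes single quotes so the value is safe inside
//    attribute values delimited with either quote character.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// 4. CSRF: a random per-session token that every state-changing form must
//    echo back; hash_equals() compares in constant time.
function csrfToken(): string
{
    if (empty($_SESSION['csrf'])) {
        $_SESSION['csrf'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf'];
}

function checkCsrf(?string $submitted): bool
{
    return is_string($submitted)
        && isset($_SESSION['csrf'])
        && hash_equals($_SESSION['csrf'], $submitted);
}

// --- demo with constructed data ---
$db = new PDO('sqlite::memory:', null, null, [
    PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES   => false, // let the driver do real prepares
]);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT NOT NULL)');
$ins = $db->prepare('INSERT INTO users (id, name) VALUES (:id, :name)');
// A stored name containing markup: harmless as long as output is escaped.
$ins->execute([':id' => 1, ':name' => 'Alice <script>alert(1)</script>']);

foreach (['1', '1 OR 1=1', 'abc', '2'] as $raw) {
    $id = parseUserId($raw);
    if ($id === null) {
        echo 'rejected input: ' . h($raw) . "\n";
        continue;
    }
    $user = findUserById($db, $id);
    echo $user === null ? "no user with id $id\n" : 'user: ' . h($user['name']) . "\n";
}

// CSRF check in a CLI run: $_SESSION is a plain array here; a real request
// would call session_start() first.
$_SESSION = [];
$token = csrfToken();
var_dump(checkCsrf($token));         // bool(true)
var_dump(checkCsrf('not-the-token')); // bool(false)
```

Run it with `php example.php` on a PHP build with the pdo_sqlite extension. The `"1 OR 1=1"` input is refused by `parseUserId` before any SQL is built, and even if it reached `findUserById` the integer type hint would stop it; the stored `<script>` text is printed as inert `&lt;script&gt;` because escaping happens in `h()` at output time rather than through addslashes on input.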