I work with LAMP-based web sites, particularly Drupal, and was wondering if anyone knew of a good security checklist to help audit new and existing commerce sites for security vulnerabilities?
Cheers.
The best resource for web application security is undoubtedly the OWASP Top 10. OWASP is a not-for-profit, technology-agnostic organisation dedicated to improving web application security. They produce a document titled “The ten most critical web application security risks” which is very easily consumable and should cover each of the angles you need to understand for an e-commerce app.
I suggest reading through each of the Top 10 carefully (the PDF version is very handy – 1 risk per page), understanding the risk and the impact and then ensuring you know how to mitigate this appropriately in PHP. Good luck!