[UPHPU] PHP/MySQL Security
Jordan S. Jones
jordan at racistnames.com
Tue Jul 10 09:47:58 MDT 2007
Justin Giboney wrote:
> I want to learn a lot about how to secure PHP and MySQL. I would like
> to have all this information available in one place, so that I can
> have a sequential learning. Is there a really good book that you would
> recommend, or a website that has everything in one place?
>
> Thank you
>
> Justin Giboney
>
I am no expert, but some simple rules can be very helpful.
1. Always check the input from the client to ensure that it has the
proper data. E.g. Email Input really contains a valid email address
2. Never allow public access to your MySQL Server.
3. Don't use phpMyAdmin or at least put it so it can only be access from
specific locations or over a VPN.
And on and so forth.
Jordan S. Jones
More information about the UPHPU
mailing list