HSC
Network Security Consulting Agency Since 1989 - Specialized in Unix, Windows, TCP/IP and Internet
 Text mode: access to the page content
Hervé Schauer Consultants
You are here: Home > Resources > Lectures > PHP and security
Go to: HSC Trainings
Search:  
 Version française
   Services   
o Skills & Expertise
o Consulting
o ISO 27001 services
o Vulnerabilities monitoring
o Audit & Assessment
o Penetration tests
o Vunerability assessment (TSAR)
o Forensics
o ARJEL
o Training courses
o E-learning
   Conferences   
o Agenda
o Past events
o Tutorials
   Resources   
o Thematic index
o Tips
o Lectures
o Courses
o Articles
o Tools (download)
o Vulnerability watch
   Company   
o Hervé Schauer
o Team
o Job opportunities
o Credentials
o History
o Partnerships
o Associations
   Press and
 communication 		  
o HSC Newsletter
o Press review
o Press releases
o Publications
   Contacts   
o How to reach us
o Specific inquiries
o Directions to our office
o Hotels near our office
|>|PHP and security  
> Access to the content HTML Beginning of the presentation
PDF PDF version [230 KB]  
> Description PHP is used by a increasing number of complex Web applications. What are the classical security problems encountered ? How to create secure PHP installations and how write secure applications ?  
> Context & Dates Talk made during PHP Forum organized by AFUP (http://www.afup.org/), on 27 November 2003.
 
> Author Alain Thivillon (Alain.Thivillon@hsc.fr)  
> Type [ French - HTML ]  
> Abstract &
Table of content		 Flyleaf
Plan
Vulnérabilités PHP - PHP Lui même
Vulnérabilités PHP - Langage - 1
Vulnérabilités PHP - Langage - 2
Vulnérabilités PHP - Programmeurs
Attaquants et Cibles
Exemples d'attaques - 1
Exemples d'attaques - 2
Exemples d'attaques - 3
Recommandations
Configuration (php.ini) - 1
Configuration (php.ini) - 2
Configuration (php.ini) - 3
Programmation
Programmation - 2
Programmation - 3
Programmation - 4
Méthodes
Methodes - 2
Conclusion  
> Related documents
themeWeb
[Course]  Web Servers and applications Security
[Tool]  Webef tool [Bruteforcer of web server files and directories - English]
[Presentation]  Webshells, or how to open your network's doors ? [21 October 2010 - French]
[Presentation]  JBoss AS: exploitation and reassure [11 June 2010 - French]
[Presentation]  Webshells, or how to open your network's doors ? [16 March 2010 - French]
[Presentation]  Webshells, real threat for information systems ? [1 December 2009 - French]
[Presentation]  Security issue seen in enterprises web applications [27 November 2008 - French]
[Presentation]  Application security [23 October 2008 - French]
[Presentation]  Feedback from PHP applications assessment [21 November 2007 - French]
[Presentation]  Evolution of Cross-Site Request Forgery Attacks [1 June 2007 - French]
[Presentation]  Encrypting hostile Web content over HTTP [31 May 2007 - French]
[Presentation]  Web 2.0 : more ergonomic... and less secure ? [22 May 2007 - French]
[Tip]  Configuring and using modsecurity2 [24 April 2007 - French]
[Tip]  Presentation of Apache ModSecurity module [14 June 2006 - French]
[Presentation]  Database and ERP security [15 June 2005 - French]
[Presentation]  SSL VPN connection multiplexing techniques [7 April 2005 - English]
[Presentation]  Web Services and Security [10 September 2003 - French]
[Tip]  HTTP/HTTPS authentication methods [10 March 2003 - French]
[Presentation]  The cross-site scripting [27 February 2003 - French]
[Presentation]  DBMS and security [1 April 2002 - French]
[Presentation]  Apache and web servers security [1 February 2002 - French]
[Tip]  Implementing filtering on a reverse HTTP proxy using mod_eaccess [3 September 2001 - French]
[Tool]  Subweb tool [HTTP reverse proxy - English]
[Tool]  Babelweb tool [Automatic information retrieving from of a web server - English]
[Tip]  Universal CGI wrapper [5 August 2001 - French]
[Tip]  Why HTTPS is not web security [7 May 2001 - English]
[Tip]  Filtering URLs in a reverse proxy [5 May 2001 - French]
[Presentation]  Hacking web servers [14 March 2001 - French]
[Tip]  Why a reverse proxy [13 February 2001 - French]
[Tip]  Apache as a reverse proxy [11 November 2000 - French]
[Presentation]  Secure internet services (email, DNS, web) under Linux [26 September 2000 - English]
[Presentation]  Secure internet services (email, DNS, web) under Linux [26 April 2000 - French/English]
[Presentation]  Secure Internet services (email, DNS, web) under Linux [1 February 2000 - French]
[Techno-watch]  Netscape [16 January 1996 - French]
themeSecure Programming
[Course]  Secure Programming
[Presentation]  Application security [23 October 2008 - French]
[Presentation]  Feedback from PHP applications assessment [21 November 2007 - French]
[Presentation]  Evolution of Cross-Site Request Forgery Attacks [1 June 2007 - French]
[Presentation]  Web 2.0 : more ergonomic... and less secure ? [22 May 2007 - French]
[Presentation]  Security in software developments [11 May 2007 - French]
[Presentation]  How to design secure network applications based on privilege separation [11 July 2002 - French/English]
[Presentation]  Secure programming and software traps [18 March 2002 - French]
themeOpen-source Software
[Presentation]  Free software and security [25 October 2006 - French]
[Presentation]  Free software and security [13 October 2006 - French]
[Article]  Compte-rendu de la table ronde sur la sécurité du logiciel libre aux Assises de la sécurité 2006 [13 October 2006 - French]
[Presentation]  Free secure mail gateway [12 February 2004 - French]
[Presentation]  Free software advantages for security [18 January 2004 - French]
[Presentation]  Free Software and Security [27 November 2003 - French]
[Presentation]  Linux and security [22 November 2002 - French]
[Presentation]  Security and public utilities - interest and set up of free software [19 September 2002 - French]
[Presentation]  Security advantages of open source software [5 January 2002 - French]
[Presentation]  Security advantages of open source software [26 September 2000 - English]
[Presentation]  Firewalls & free OS: a secure alternative [12 May 2000 - French]
[Presentation]  Security advantages of open source software [10 April 2000 - French/English]
[Presentation]  Security and free software [29 March 2000 - French]
[Presentation]  Free Software for Security [16 March 2000 - French]
[Presentation]  Free software for Internet/intranet security [18 June 1999 - French]
[Presentation]  The free software alternative for Internet/intranet security [11 February 1999 - French]
> Copyright © 2003, Hervé Schauer Consultants, all rights reserved.

 

Last modified on 4 Mars 2004 at 11:58:22 CET - webmaster@hsc.fr
Information on this server - © 1989-2010 Hervé Schauer Consultants