Web Hosting Geeks | Web Hosting Experts
Need help? Call us 1(866)TOP-HOST

14361 reviews 1715 hosting providers

Questions & Answers

PHP Security question

Apr 11, 2012 by TheRock
hi folks

I have created a few PHP based web applications but I am not %100 sure about how secure my code is and I’m worried from having any security breaches. I would really appreciate it  if someone could please guide me on how to test my. I do not want to tell my users that the application is secure unless I’m sure it really is.

2 Answers

0 votes
Apr 11, 2012 by SmartHost
Hi there,

you can hire some PHP security professional to do the work for you.
and there are also some free programs that can scan your site, such as;
HP Scrawlr  and Acunetix Vulnerability Scanner
0 votes
Apr 11, 2012 by mike231
you can start by doing the following

- check $_GET/$_POST variables that write to a database  by inserting  or ' in any input that records to the database.
If you get SQL error, your application is not secure.
- Make sure php, OS, and everything else that you are using is always updated
- Make sure you have a firewall installed and it is up to date
- If possible, disable ftp port entirely if you're on and switch to sftp.
- Rename any admin directory from "admin" to something a not so familiar with some numbers and letter