PHP security

From Rixort Wiki
Revision as of 14:34, 23 March 2021 by Paul

SQL injection

Password storage

  • Hashing
  • Timing attacks
  • Algorithms
  • Refreshing
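
The four bullets above in working PHP. This is an added example, not code from the wiki page; the policy constants, function names and the demo password are assumptions chosen for illustration.

```php
<?php
// Added example (not from the wiki page): password storage in PHP covering
// hashing, timing-safe comparison, algorithm choice and refreshing (rehashing)
// stored hashes when the policy changes.
declare(strict_types=1);

// Assumed current policy: bcrypt with an explicit cost. Raising the cost later
// is what makes "refreshing" necessary.
const HASH_ALGO = PASSWORD_BCRYPT;
const HASH_OPTIONS = ['cost' => 12];

// Hashing: never store the plaintext. password_hash() generates a random salt
// per password and embeds salt, algorithm and cost in the returned string.
function hashPassword(string $plaintext): string
{
    return password_hash($plaintext, HASH_ALGO, HASH_OPTIONS);
}

// Verification. password_verify() compares in constant time, so response
// timing does not reveal how many leading bytes of the hash matched.
// Returns null when the login fails, otherwise the hash to store: unchanged,
// or a refreshed one when the stored hash is below the current policy.
function verifyAndRefresh(string $plaintext, string $storedHash): ?string
{
    if (!password_verify($plaintext, $storedHash)) {
        return null;
    }
    // Refreshing: only right after a successful login is the plaintext
    // available, so this is the one moment an old hash (other algorithm or
    // lower cost) can be replaced.
    if (password_needs_rehash($storedHash, HASH_ALGO, HASH_OPTIONS)) {
        return hashPassword($plaintext);
    }
    return $storedHash;
}

// Timing attacks also apply to other secrets compared as strings (API keys,
// CSRF and password-reset tokens): compare with hash_equals(), not == or ===.
function tokenMatches(string $expected, string $supplied): bool
{
    return hash_equals($expected, $supplied);
}

// Constructed demo: a hash made under an older, weaker policy (cost 4), as a
// legacy row in the user table would look.
$legacyHash = password_hash('correct horse battery staple', PASSWORD_BCRYPT, ['cost' => 4]);

$rejected = verifyAndRefresh('wrong password', $legacyHash) === null;
$newHash  = verifyAndRefresh('correct horse battery staple', $legacyHash);
$refreshed = $newHash !== null && $newHash !== $legacyHash
    && password_get_info($newHash)['options']['cost'] === HASH_OPTIONS['cost'];
printf("wrong password rejected: %s, legacy hash refreshed: %s\n",
    $rejected ? 'yes' : 'no', $refreshed ? 'yes' : 'no');
```

The returned hash replaces the stored one in the user record; the demo's first check fails the login and the second returns a cost-12 hash for the legacy cost-4 row.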

Cookies

  • Secure flag
  • HttpOnly flag

Cross site scripting (XSS)

Cross site request forgery (CSRF)

Shared hosting

  • Access to /tmp - session data
  • Access to read/write files as www-data user

File uploads

  • Denial of service - upload bandwidth, CPU utilisation, disk space utilisation
  • File types - be careful as some file data can be disguised as other file types (e.g. zip disguised as PNG)

Unsafe functions

  • exec
  • shell
  • eval

Data from URLs

  • No control over these (unless you also run the service)
  • Service provider may be malicious
  • DNS poisoning may redirect you to the wrong site/IP

Document root

  • Only files which are served to users
  • Keep everything else outside the document root
  • Take particular care with non-PHP extensions, e.g. .inc