In this tutorial I am going to discuss security as it relates to protecting your PHP scripts from preying eyes, as well as protecting your system and your web pages from would-be assailants. This tutorial walks through some exploits regarding PHP, as well as fixes for them. This article, this site, or I do not condone using any of this knowledge in a devious or malicious manner.
The rest of this tutorial will be laid out in the following sections:
1. PHP and Security
2. Site Defacement
3. Externally working with variables
4. File Access
5. Encryption
6. Cookie Encryption
7. Protecting Scripts
8. One-way Password Authentication
PHP and Security - Tutorial
Richard J. Silvers
December 2, 2004
Page 1 of 5