Essential PHP Security Is Finished!

10 Sep 2005

A little over a month ago, I finally finished writing Essential PHP Security, a guide to secure PHP programming that I've been working on in my spare time for quite a while.

I'm really happy with the results. The people at O'Reilly have been great to work with, and I was lucky enough to have some of the best technical reviewers an author could ask for (Adam, David, George, and John). The result is a lean 150-page guide that covers what I feel are the most important topics with which a PHP developer should be familiar.

The book is due to be published in October (in time for the Zend PHP Conference and Expo), but you can buy it from Amazon today. As Adam jokingly suggests in his infamous email signature, "avoid the holiday rush - buy your copy today!"

I focus on Apache and MySQL, but the principles apply to any platform. In fact, web developers using languages other than PHP might learn something. I hope so. :-)

Each chapter focuses on a specific category of PHP development, and you are shown the most common and dangerous attacks associated with that particular category. Here is the final table of contents:

Preface
    Foreword by Andi Gutmans

1. Introduction
    PHP Features
        Register Globals
        Error Reporting
    Principles
        Defense in Depth
        Least Privilege
        Simple Is Beautiful
        Minimize Exposure
    Practices
        Balance Risk and Usability
        Track Data
        Filter Input
        Escape Output

2. Forms and URLs
    Forms and Data
    Semantic URL Attacks
    File Upload Attacks
    Cross-Site Scripting
    Cross-Site Request Forgeries
    Spoofed Form Submissions
    Spoofed HTTP Requests

3. Databases and SQL
    Exposed Access Credentials
    SQL Injection
    Exposed Data

4. Sessions and Cookies
    Cookie Theft
    Exposed Session Data
    Session Fixation
    Session Hijacking

5. Includes
    Exposed Source Code
    Backdoor URLs
    Filename Manipulation
    Code Injection

6. Files and Commands
    Traversing the Filesystem
    Remote File Risks
    Command Injection

7. Authentication and Authorization
    Brute Force Attacks
    Password Sniffing
    Replay Attacks
    Persistent Logins

8. Shared Hosting
    Exposed Source Code
    Exposed Session Data
    Session Injection
    Filesystem Browsing
    Safe Mode

A. Configuration Directives

B. Functions

C. Cryptography

I plan to launch a companion web site in time for the book's publication, where I will post code samples (I created a few utilities in order to demonstrate some attacks) and aggressively keep up with any errata that are discovered.

Now, I can finally start contributing to other things again. :-) I hope you enjoy the book, and I hope it helps.