Web Application Security - Perspectives

The link above is a link to Secunia, which tracks security issues for many products. Interpreting the data is definitely subjective, for the following reasons: If an application is constantly being tested and reviewed for security issues, problem…

MySQL REGEXP Validation / Error Handling

Allowing users to run regular expression (REGEXP) searches through a web interface provides excellent search capabilities with very little engineering. One need only change WHERE `field`='value' to WHERE `field` REGEXP 'regex'. A problem arises if th…

Unwelcome Visitors

Pay particular attention to the site visitor IP addresses in the web stats. Any IP address that makes a significant number of requests for unknown reasons should be suspect. Use the link above, or its overseas equivalent, to determine who the IP add…

Speed up eZ publish

The following steps can be taken to make an existing eZ publish installation run more quickly:

- Empty the trash
- Clear the collected information
- Clear the search stats
- Delete all the drafts, especially those of the administrator

These steps re…

PHP session management and temporary file cleanup

By default, PHP manages sessions during requests. This simplifies installation, because no cron job is required. To allow performance tuning, several configuration settings adjust the frequency of the session cleanup checking and executi…