Category: "LAMP"

Web Application Security - Perspectives

The link above is a link to Secunia, which tracks security issues for many products. Interpreting the data is definitely subjective, for the following reasons: If an application is constantly being tested and reviewed for security issues, problem…

MySQL REGEXP Validation / Error Handling

Allowing users to run regular expression (REGEXP) searches through a web interface provides excellent search capabilities with very little engineering. One need only change WHERE `field`='value' to WHERE `field` REGEXP 'regex'. A problem arises if th…

Unwelcome Visitors

Pay particular attention to the site visitor IP addresses in the web stats. Any IP address that has a significant number of requests for unknown reasons should be suspect. Use the link above, or its overseas equivalent, to determine who the IP add…

PHP session management and temporary file cleanup

By default, PHP manages sessions during requests. This simplifies installation, because no cron job is required. To allow performance tuning, several configuration settings are available to adjust the frequency of the session cleanup checking and executi…

Risks of Web-Based Application Management

Many web applications can be configured through the application. This is extremely valuable, especially for users who don't have SSH access and don't want to use FTP. The danger is that in order for web access to work, the web server must have write p…