Php and Mysql Programming Security
PHP Programming Protection
Although it is not possible to protect your site, but there are several precautions that can be included to better protect the programming PHP. Some of them are:
• You should check the referrer, for being sure that the information sent from your site, not an external source. Thus, there is a maximum chance of data tampering.
• Restricting the type of extension files uploaded to the site is another way to check security.
• Renaming files is another way in which the program can be achieved. This procedure includes checking barreld double extension, such as, yourfile.php.gif.
• Change the permissions for the folder command load, so that the files in it are not executable.
• All changes are created by the user should be allowed only when they "Enter" in the database. On the other hand, the owner of the site should always be careful to follow all the downloaded files, and then force them to live.
Mysql Programming Security
Another aspect of PHP and MySQL, Web development is the protection of library MySQL. Thus, the most important aspect of participating in the defense of the program is the safety of the MySQL server.
Securing MySQL is very important for the smooth operation of the website. This is based on access control lists and SSL-encrypted connections to protect PHP MySQL web development software from random users visiting the website.
Some of the vital things to be seen on the site protect the site:
• Access to MySQL database should not be allowed for everyone.
• Benefits for the user should always be accompanied by some limitations. If you can easily connect to the server without the "login", then the security code the MySQL server must be verified.
• The MySQL database should be devoid of clear text passwords. Use programs like MD5 (), SHA1 (), or a hash function for complete protection.
• Do not choose passwords from dictionaries, since they can be broken easily. Use programs that break the passwords.