PHP Web Application Security

PHP, being a widely-used programming language, is a main target of attackers. Let's protect our web apps.

Web applications are under attack every day. PHP, being one of the most widely-used programming languages on the web, is one of the main targets. Some oddities, especially those of older versions, facilitate some of the attacks. This course, PHP Web Application Security, helps developers to understand security risks, how vulnerabilities can be exploited, and how to avoid those attacks. First you'll learn about how to defend against cross-site scripting, including new approaches such as content security policy. Next, you'll learn about how cross-site request forgery works, why it works so well, and how you can implement protection using PHP. Finally, the course will wrap up by teaching you how to protect against SQL injection attacks, covering not only MySQL, but also other relevant databases PHP supports. By the end of this course, you'll have the knowledge to anticipate and defend against the major threats against web applications today.

• Course Overview 1min
• PHP Web Application Security 19mins
• Input Validation 40mins
• Cross-site Scripting (XSS) 66mins
• SQL Injection 48mins
• State Management 40mins
• Cross-site Request Forgery (CSRF) 38mins
• Storing Passwords 24mins
• Error Handling 29mins
• Conclusion 10mins