- View Offline
- Cross-site scripting (XSS)
- Cross-site request forgery (CSRF)
- SQL injection
- Encrypting and signing cookies
- Session hijacking and fixation
- Securing uploaded files
- User authentication
- Throttling brute-force attacks
- Blacklisting IPs
- Implementing password reset tokens
Skill Level Intermediate
- [Voiceover] Welcome to Creating Secure PHP Websites. My name is Kevin Skoglund. In this course, we're going to learn the PHP techniques needed to develop more secure websites. We will cover fundamental security principles, how to defend against the most common threats, and best practices to keep servers, software, and data safe from harm. This course is intended for developers who already know the fundamentals of PHP, and want to learn how to avoid common and costly mistakes in their code. You'll get an overview of security and review eight fundamental security principles.
We will configure PHP with good defaults to give our code a secure foundation to build on. We will learn how to filter user provided input. And how to be smart about the data that we output. We will discover techniques that use PHP to defend against the most common attacks against your site. And we will implement a password protected area in PHP which uses the best practices for encryption and for user authentication. Let's get started learning how to create secure websites with PHP.