Where PHP security could fail or be vulnerable PART 2

Hey PHP folks! How are you? Having a bad day? Are you hacked? Are you feeling unsafe from hackers? Don’t worry, I got you. Today we are going to continue our PHP security post. Haven’t read part 1 of this blog post? If not, I would like you to read it. There I talked about data security, SQL injection, OS injection and code injection. If you are into security you know that these are the types of vulnerabilities that could exist in a PHP application. Are you sure that you are safe from hackers? Not quite sure, right? So read part 1 of this blog post and get to know the vulnerabilities better. Okay, just like last time we’ll focus on the vulnerabilities and the countermeasures for each particular vulnerability. Time for us to dive into PHP security again (happy-face).

5. Information Leakage

Information leakage is a common vulnerability that we see in PHP applications. You might think that it has a low impact but there is nothing called low impact when it comes to PHP security. Being 99% safe is not going to help, you have to make sure that your application is 100% safe. Look at the picture below.

[Image: Information Leakage]

You see, there goes the PHP vulnerability. This tells the attacker where the weak spot is. You don’t want to display this on a production server. How can we stop this?


Where PHP security could fail or be vulnerable

Hello there PHP lovers or PHP hackers or whoever you are (happy-face). Today we are going to talk about PHP security. Yeah, security. Interesting, right? I know, I know. Some of the stuff I mention below will be specifically applicable to PHP. But I’ll try to generalise as much as possible so you can apply it everywhere.

In this blog post I’ll focus on the vulnerabilities and the countermeasures for each particular vulnerability. Hey, I almost forgot to tell you that some of the PHP security pitfalls are mentioned in the PHP documentation. So make sure you go through them as well. Let’s dive into PHP security now.


What And How To Use Apache Virtual Host?

Hello there! How’s it going? Today I thought of concentrating my blog on Apache Virtual Host. There you have the URL to the documentation page. It’s for the Apache HTTP Server Version 2.2. Have you got time to read all that? I mean, who’s got time to read all those docs? That’s what I’m here for. I’ll make this blog post short and sweet for you (happy-face).

What’s Apache Virtual Host?

Apache Virtual Hosts, a.k.a. Virtual Hosts (vhosts), are used to run more than one web site (domain) using a single IP address. In other words, you can have multiple web sites (domains) but a single server. Different sites will be shown depending on the user’s requested URL. The best part is you can have any number of virtual hosts on a single server. It simply means you can have any number of web sites (domains) on a single server.

[Image: Virtual Host]


Unix(Linux,Mac) Screen Command

Hey techies! How’s it going? I haven’t shared a blog post on Unix for a while. So I thought of writing one for you guys and you are going to love it (wink-face). Do you know what we are going to talk about? Today we are going to talk about “Screen” (excited-face). The screen command works on Unix-based operating systems such as Linux and Mac. Brace yourself, Mac/Linux lovers. It’s a very useful command. I’m sure once you learn it, you are gonna use it every day. We’ll start with the basics. Then we’ll dive into some command line examples as well. Are you ready? Here we go (happy-face).


Introduction To CKAN – Open Data Portal Platform

Please note that the blog post below is based on my personal experience while developing data.gov.lk, which is Sri Lanka’s Open Data Portal.

CKAN. In their words, “the world’s leading open-source data portal platform”. Since you know about open data and how to use it, let’s get right into CKAN. Oh oh! You don’t know about open data? Don’t worry! I got you covered. Read this blog post and you will get to know everything you need to know about open data. Yeah, trust me! Everything.

What’s CKAN?

As they say,

CKAN is a powerful data management system that makes data accessible – by providing tools to streamline publishing, sharing, finding and using data. CKAN is aimed at data publishers (national and regional governments, companies and organizations) wanting to make their data open and available.

Basically it’s an open source tool which allows you to manage your open data. It’s written in Python and uses Postgres as the database. If you are a MySQL fanboy and don’t know about Postgres, don’t forget to read this blog post. It will give you a good idea about Postgres. We’ll dive into CKAN’s features, so that you will know how powerful and feature-rich CKAN is. Brace yourself, here we go.
