Seven Risks Of PHP Script. - PowerPoint PPT Presentation

Slides: 7
Provided by: appkodes


Transcript and Presenter's Notes

2
  • Security is not a list of things you do.
    Security is a state of mind, a way of looking
    at things, a way of dealing with the world that
    says "I don't know how they'll do it, but I know
    they will try to screw me" and then, rather than
    dissolving into an existential funk, being
    proactive to prevent the problem. So here I am
    going to state a few risks and the precautions
    to be followed for PHP scripts.

3
  • SQL Injection
  • Number one on the hit list is the SQL injection
    attack. In this case, someone enters a SQL
    fragment (the classic example is a DROP DATABASE
    statement, although there are many possibilities
    that do not involve deletions and could be just
    as destructive) as a value in your URL or web
    form.
  • XSS (Cross Site Scripting)
  • The essence of any XSS attack is the injection
    of code (usually JavaScript, but it can be any
    client-side code) into the output of your PHP
    script. This attack is possible when you display
    input that was sent to you, as you would with a
    forum post, for example. The attacker may post
    JavaScript code in his message that does
    unspeakable things to your site.

4
  • Source Code Revelation
  • This one has to do with people being able to
    see the names and contents of files they
    shouldn't in the event of a breakdown in
    Apache's configuration.
  • Remote File Inclusion
  • Remote file inclusion is when remote files get
    included in your application. Pretty deep, eh?
    But why is that a problem? Because the remote
    file is untrusted. It could have been
    maliciously modified to contain code you don't
    want running in your application.

5
  • Session Hijacking
  • Session hijacking is when a ne'er-do-well steals
    and uses someone else's session ID, which is
    something like a key to a safe deposit box. When
    a session is set up between a client and a web
    server, PHP will store the session ID in a
    cookie on the client side, probably called
    PHPSESSID.
  • Cross Site Request Forgery
  • Cross Site Request Forgery (CSRF), otherwise
    called the Brett Maverick, or Shawn Spencer,
    Gambit, involves tricking a rather unwitting
    user into issuing a request that is, shall we
    say, not in his best interest.
  • Directory Traversal
  • This attack, like so many of the others, looks
    for a site where the security is not all that it
    should be, and when it finds one, it causes
    files to be accessed that the owner did not
    intend to make publicly available. It's also
    known as the ../ (dot, dot, slash) attack, the
    climbing attack, and the backtracking attack.
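
One way to guard a PHP file-serving script against the directory traversal risk described above is to resolve the requested name and confirm the result still lies under the intended base directory. This is an added example, not part of the original presentation; the function name `resolveInsideBase`, the directory layout and the file names are constructed for illustration.

```php
<?php
// Added example (not from the presentation). Function name, directory
// layout and file names are constructed for illustration.

// Return the canonical path of $requested if it is a file under $baseDir,
// or null if it is missing or resolves outside the base directory.
function resolveInsideBase(string $baseDir, string $requested): ?string
{
    $base = realpath($baseDir);
    if ($base === false || strpos($requested, "\0") !== false) {
        return null; // missing base directory, or NUL byte in the name
    }
    // realpath() collapses "../" segments and follows symlinks, so the
    // comparison below is made on the location actually reached.
    $candidate = realpath($base . DIRECTORY_SEPARATOR . $requested);
    if ($candidate === false || !is_file($candidate)) {
        return null;
    }
    // Compare against base + separator so a sibling such as
    // "public-backup" does not pass as being inside "public".
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    return strncmp($candidate, $prefix, strlen($prefix)) === 0 ? $candidate : null;
}

// Constructed demo tree in the system temp directory.
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'trav_demo_' . bin2hex(random_bytes(4));
mkdir($root . '/public', 0700, true);
mkdir($root . '/public-backup', 0700, true);
file_put_contents($root . '/public/report.txt', 'ok');
file_put_contents($root . '/public-backup/old.txt', 'old');
file_put_contents($root . '/secret.txt', 'private');

$requests = ['report.txt', './report.txt', '../secret.txt',
             '../public-backup/old.txt', 'missing.txt'];
foreach ($requests as $name) {
    $path = resolveInsideBase($root . '/public', $name);
    printf("%-26s %s\n", $name, $path === null ? 'rejected' : 'allowed');
}

// Remove the demo tree.
foreach (['/public/report.txt', '/public-backup/old.txt', '/secret.txt'] as $f) {
    unlink($root . $f);
}
rmdir($root . '/public');
rmdir($root . '/public-backup');
rmdir($root);
```

Checking the canonical path after resolution, rather than searching the raw input for `../`, means encoded or nested variants of the same climb are judged by where they actually land.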

6
  • For more information, visit
  • https://appkodes.com/fancy-clone/