PHP Security Mastery - Pro (1.0)
Introduction
How important is PHP security?
How to use this course
Help and contacts
Chapter 1: Variable Validation
Introduction to variable validation
Type checking
Integer checking
Float checking
Limit checking for numbers
Limit checking for strings and other types
JSON validation
JSON validation: example
Filters and string functions
Custom validation functions
Regular expressions as filters
Blacklists
Whitelists
Type casting for validation?
Quiz time
Chapter 2: Sessions Security
Sessions-related attacks
Basic Fixation attacks
Two-step Fixation attacks
How to prevent Hijacking attacks
How to mitigate Hijacking attacks
One-time tokens
Session access timeout
Virtual Sessions
Sessions configuration
Quiz time
Chapter 3: XSS Prevention
What is an XSS attack?
Reflected and Stored XSS
How to prevent XSS attacks
HTML elements and sanitization
URLs sanitization
Nested contexts
Further steps
Quiz time
Chapter 4: Cross-Site Request Forgery (CSRF)
Introduction to CSRF
How to execute CSRF attacks
Anti-CSRF tokens
HTML-based tokens
Cookie-based tokens
Sessions login with samesite strict
Custom header tokens
Token timeout strategies
Login CSRF attacks
Referer and Origin headers
Stateless double-check tokens
Quiz time
Chapter 5: Remote File Upload
File upload security
File name validation
Extension validation
Name collisions
Forced file name
File size limits
File content validation
Upload location
Database storage
Quiz time
Appendix: PHP Configuration
Introduction
Execution control
Information exposure
Defense
Sessions
Limit checking for strings and other types