How important is PHP security?

As a web developer, chances are you already know a few things about PHP security.

Maybe you already know how to avoid SQL injections or XSS attacks.

But if you are here reading these words, it's because you want to become more confident about security.

You are in the right place: by the end of this course, you will be able to write 100% secure PHP applications for you and your clients.

But before you invest your time and energy into it, I want you to understand how much PHP security really matters for a web developer like you.

If you are asking yourself:

"How much should I care about PHP security?"

"Is it really something I should be concerned about?"

Then let me tell you this: if you want to make a career as a PHP developer, then you really should care about security.

Let's see why.

Security is not optional

A common mistake among new developers is to consider security as a "plus", something that improves the code quality but that's not strictly required.

After all, a web application still works even if it’s not secure, right?

Well... NO.

An insecure app may work inside a local, protected environment. But once it gets deployed in the wild, it's just a matter of time before it gets targeted and hacked.

If you provide your clients (or the company you work for) with insecure code, you are giving them an incomplete and dangerous product that will stop working as soon as the first attack comes.

By doing that, you are risking your reputation and possibly your money too.

Your clients expect a secure solution. What happens if they find out that's not the case?

So, why should you care?

As web developers, we have the responsibility to keep the web a safe place as much as we can. It's part of our job.

But writing secure PHP code is not just about "security" itself. It's also about you and your career.

Think about it:

  • If you provide your clients with insecure PHP applications, you will likely lose your clients for good.
  • The less secure your apps are, the less clients you'll get (and the less money you'll make).
  • If a client gets in trouble because of your app, you could get in trouble too.

Ultimately, making insecure apps will give you a bad reputation. And with millions of PHP developers out there, you simply cannot afford a bad reputation.

On the other hand, learning how to deliver secure PHP applications will improve your reputation and will make your career grow.

The more confident you are about security, the faster your reputation and career will grow.

In other words: you should care about PHP security as much as you care about your own career.