Web security 2016: from php[architect] magazine
Other authors: | , |
---|---|
Format: | Book |
Language: | English |
Published: |
Alexandria, VA
musketeers.me
Sept 2016
|
Edition: | First edition |
Series: | A php[architect] anthology
|
Subjects: | |
Online access: | Table of contents Blurb |
Description: | On the spine: Security anthology 2016 |
Description: | VIII, 117 pages, illustrations, 24 cm |
ISBN: | 9781940111414 1940111412 |
Internal format
MARC
LEADER | 00000nam a2200000 c 4500 | ||
---|---|---|---|
001 | BV044685440 | ||
003 | DE-604 | ||
005 | 20180208 | ||
007 | t | ||
008 | 171215s2016 a||| |||| 00||| eng d | ||
020 | |a 9781940111414 |9 978-1-940111-41-4 | ||
020 | |a 1940111412 |9 1-940111-41-2 | ||
035 | |a (OCoLC)1024108764 | ||
035 | |a (DE-599)BVBBV044685440 | ||
040 | |a DE-604 |b ger |e rda | ||
041 | 0 | |a eng | |
049 | |a DE-355 | ||
084 | |a ST 277 |0 (DE-625)143643: |2 rvk | ||
245 | 1 | 0 | |a Web security 2016 |b from php[architect] magazine |c edited by Oscar Merida ; contributors: Ed Barnard [und 6 weitere] |
246 | 1 | 3 | |a Security anthology 2016 |
250 | |a First edition | ||
264 | 1 | |a Alexandria, VA |b musketeers.me |c Sept 2016 | |
300 | |a VIII, 117 Seiten |b Illustrationen |c 24 cm | ||
336 | |b txt |2 rdacontent | ||
337 | |b n |2 rdamedia | ||
338 | |b nc |2 rdacarrier | ||
490 | 0 | |a A php[architect] anthology | |
500 | |a Auf dem Buchrücken: Security anthology 2016 | ||
650 | 7 | |a Réseaux d'ordinateurs / Mesures de sûreté |2 ram | |
650 | 7 | |a Sites Web / Mesures de sécurité |2 ram | |
700 | 1 | |a Merida, Oscar |4 edt | |
700 | 1 | |a Barnard, Ed |4 ctb | |
776 | 0 | 8 | |i Erscheint auch als |n Online-Ausgabe, PDF |z 978-1-940111-42-1 |
776 | 0 | 8 | |i Erscheint auch als |n Online-Ausgabe, epub |z 978-1-940111-43-8 |
776 | 0 | 8 | |i Erscheint auch als |n Online-Ausgabe, mobi |z 978-1-940111-44-5 |
776 | 0 | 8 | |i Erscheint auch als |n Online-Ausgabe, safari |z 978-1-940111-45-2 |
856 | 4 | 2 | |m Digitalisierung UB Regensburg - ADAM Catalogue Enrichment |q application/pdf |u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=030082474&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |3 Inhaltsverzeichnis |
856 | 4 | 2 | |m Digitalisierung UB Regensburg - ADAM Catalogue Enrichment |q application/pdf |u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=030082474&sequence=000002&line_number=0002&func_code=DB_RECORDS&service_type=MEDIA |3 Klappentext |
999 | |a oai:aleph.bib-bvb.de:BVB01-030082474 |
Record in the search index
_version_ | 1804178144300630016 |
---|---|
adam_text |
Introduction VII
Chapter 1. Is Your Website Secure from Hackers? 1
Authentication and Authorization 2
Database Interaction 5
Files and Resources 7
CMS, Framework, and Other Components 10
Final Note 13
Additional resources 14
Chapter 2. Basic Intrusion Detection with Expose 15
What Is an IDS and Why You Should Use One 15
Advantages, Limitations, and Disadvantages of Expose 18
Expose Installation Run Through 21
Logging, Alerting, and Thresholds 25
Next Steps 26
Conclusion 27
Chapter 3. DeLoreans, Data, and Hacking Sites 29
Introduction 30
What Is SQLi? 31
Identifying Potential SQL Injection 33
“Hacking” Your Own Sites 34
Prepared Statements 36
Conclusion 38
Chapter 4. Drupal Security: How Open Source Strengths Manage Software Vulnerabilities 39
Drupal 8 40
Keeping a Drupal Site Secure 40
Drupal Security Team 40
Software Vulnerabilities 41
Reporting a Drupal Security Issue 41
Handling Drupal Security Issues 42
Security Advisory 42
The Drupal Security Team Welcomes New Members 44
Open Source 44
Chapter 5. Mastering OAuth 2.0 45
Let's Jump In 46
Preparing for OAuth 47
Integrating with Instagram 49
A Brief History of Web Authorization 55
What is OAuth 2.0? 56
Toward a More Secure Web 60
Chapter 6. Keep Your Passwords Hashed and Salted 61
Introduction 61
Rule One: No Plain Text 62
What is Hashing? 62
How to Use Hashes 64
Techniques Crackers Employ to Break Hashes 66
Salting Passwords 69
Use Proper Salt 70
Hashing Algorithms 71
Better Algorithms 71
Hashing in PHP 73
Password-Related Functions in Modern PHP 74
Summary 75
Chapter 7. Learn from the Enemy: Securing Your Web Services, Part One 77
It Happens 78
Web Services are Different 80
Learn from the Master 84
Looking Forward 85
Additional Reading 85
Chapter 8. Security Architecture: Securing your Web Services, Part Two 87
Web Service Security 88
Your Security Architecture 91
Security Implementation 96
Chapter 9. Implementing Cryptography 97
Use the Encryption Library 97
Randomness 100
Using Randomness 100
The Session Token 101
Encrypting and Decrypting a String 102
Involving Experts 106
Additional Reading 107
Contributors 109
Ed Barnard 109
Leszek Krupinski 109
Nicola Pietroluongo 109
Ben Ramsey 109
David Stockton 110
Cathy Theys 110
Greg Wilson 110
Permissions 111
Index 113
Are you keeping up with modern security practices? This
anthology collects articles first published in php[architect] magazine.
Each one touches on a security topic to help you harden and
secure your PHP and web applications. Your users’ information is
important, make sure you’re treating it with care.
This anthology includes:
• An overview of the attacks you should be familiar with and how to protect
against exploits.
• Using a PHP-based Intrusion Detection System to monitor and reject requests
that attempt to breach your site.
• How to protect against SQL Injection from user-supplied data by using
prepared statements.
• A case study in how the Drupal security team keeps core and contributed
modules safe.
• How to securely store passwords and understanding the techniques used to
crack credentials.
• Using OAuth 2.0 to connect to web services and fetch information for your
users without asking for a password.
• How web service security differs from traditional web application security and
advice for effectively protecting one from malicious users.
• Identifying the right kind of cryptography to implement in your application
and doing it correctly.
Each month in php[architect] magazine, experts from the PHP community
and wider web development community share their knowledge and experience
with our readers. Leverage their expertise in building and protecting
websites for all types of organizations.
|
any_adam_object | 1 |
author2 | Merida, Oscar Barnard, Ed |
author2_role | edt ctb |
author2_variant | o m om e b eb |
author_facet | Merida, Oscar Barnard, Ed |
building | Verbundindex |
bvnumber | BV044685440 |
classification_rvk | ST 277 |
ctrlnum | (OCoLC)1024108764 (DE-599)BVBBV044685440 |
discipline | Informatik |
edition | First edition |
format | Book |
id | DE-604.BV044685440 |
illustrated | Illustrated |
indexdate | 2024-07-10T07:59:18Z |
institution | BVB |
isbn | 9781940111414 1940111412 |
language | English |
oai_aleph_id | oai:aleph.bib-bvb.de:BVB01-030082474 |
oclc_num | 1024108764 |
open_access_boolean | |
owner | DE-355 DE-BY-UBR |
owner_facet | DE-355 DE-BY-UBR |
physical | VIII, 117 Seiten Illustrationen 24 cm |
publishDate | 2016 |
publishDateSearch | 2016 |
publishDateSort | 2016 |
publisher | musketeers.me |
record_format | marc |
series2 | A php[architect] anthology |
spelling | Web security 2016 from php[architect] magazine edited by Oscar Merida ; contributors: Ed Barnard [und 6 weitere] Security anthology 2016 First edition Alexandria, VA musketeers.me Sept 2016 VIII, 117 Seiten Illustrationen 24 cm txt rdacontent n rdamedia nc rdacarrier A php[architect] anthology Auf dem Buchrücken: Security anthology 2016 Réseaux d'ordinateurs / Mesures de sûreté ram Sites Web / Mesures de sécurité ram Merida, Oscar edt Barnard, Ed ctb Erscheint auch als Online-Ausgabe, PDF 978-1-940111-42-1 Erscheint auch als Online-Ausgabe, epub 978-1-940111-43-8 Erscheint auch als Online-Ausgabe, mobi 978-1-940111-44-5 Erscheint auch als Online-Ausgabe, safari 978-1-940111-45-2 Digitalisierung UB Regensburg - ADAM Catalogue Enrichment application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=030082474&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis Digitalisierung UB Regensburg - ADAM Catalogue Enrichment application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=030082474&sequence=000002&line_number=0002&func_code=DB_RECORDS&service_type=MEDIA Klappentext |
spellingShingle | Web security 2016 from php[architect] magazine Réseaux d'ordinateurs / Mesures de sûreté ram Sites Web / Mesures de sécurité ram |
title | Web security 2016 from php[architect] magazine |
title_alt | Security anthology 2016 |
title_auth | Web security 2016 from php[architect] magazine |
title_exact_search | Web security 2016 from php[architect] magazine |
title_full | Web security 2016 from php[architect] magazine edited by Oscar Merida ; contributors: Ed Barnard [und 6 weitere] |
title_fullStr | Web security 2016 from php[architect] magazine edited by Oscar Merida ; contributors: Ed Barnard [und 6 weitere] |
title_full_unstemmed | Web security 2016 from php[architect] magazine edited by Oscar Merida ; contributors: Ed Barnard [und 6 weitere] |
title_short | Web security 2016 |
title_sort | web security 2016 from php architect magazine |
title_sub | from php[architect] magazine |
topic | Réseaux d'ordinateurs / Mesures de sûreté ram Sites Web / Mesures de sécurité ram |
topic_facet | Réseaux d'ordinateurs / Mesures de sûreté Sites Web / Mesures de sécurité |
url | http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=030082474&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=030082474&sequence=000002&line_number=0002&func_code=DB_RECORDS&service_type=MEDIA |
work_keys_str_mv | AT meridaoscar websecurity2016fromphparchitectmagazine AT barnarded websecurity2016fromphparchitectmagazine AT meridaoscar securityanthology2016 AT barnarded securityanthology2016 |