Security

New PHP Security and Authentication Framework

Introducing the MDBitz Security and Authentication Framework for PHP. I have always had an issue with any PHP Security or Authentication Framework or library that I have utilized in past projects. That is why I am developing my own comprehensive Security and Authentication Framework. I am building this framework from the ground up keeping all

Securing your PHP websites on shared servers by use of the session_save_path configuration

Beginner web developers may not be fully aware of the security vulnerabilities that come with shared hosting. Most shared hosting servers work by having a common PHP installation that uses the same php.ini configuration to run. What this means to the user is that all session information for all users is stored in a common directory on

Remote Code Execution

Remote Code Execution is a security vulnerability in which a malicious user manipulates input or a URL to run code from a remote location. Unlike Cross Site Scripting (XSS), where only the user is affected, Remote Code Execution could run scripts that delete all files on your server. This security risk, like most vulnerabilities, comes

Session Fixation

Session Fixation is a security vulnerability where a malicious user sets the Session Identifier (SID) of another user to a known value, allowing the malicious user to access that user's session. This would allow the malicious user to access the user’s private information. For example: Jason has determined that his neighbor Joe’s bank site http://mybank.com is susceptible to a