Security
About 30% of all vulnerabilities listed on the National Vulnerability Database are linked to PHP. These vulnerabilities are caused mostly by not following best practice programming rules: technical security flaws of the language itself or of its core libraries are not frequent (23 in 2008, about 1% of the total). Recognizing that programmers make mistakes, some languages include taint checking to automatically detect the lack of input validation which induces many issues. Such a feature is being developed for PHP, but its inclusion in a release has been rejected several times in the past.
There are advanced protection patches such as Suhosin and Hardening-Patch, especially designed for Web hosting environments.
PHPIDS adds security to any PHP application to defend against intrusions. PHPIDS detects attacks based on cross-site scripting (XSS), SQL injection, header injection, directory traversal, remote file execution, remote file inclusion, and denial-of-service (DoS).
Read more about this topic: PHP
Famous quotes containing the word security:
“There is something that Governments care for far more than human life, and that is the security of property, and so it is through property that we shall strike the enemy.... Be militant each in your own way.... I incite this meeting to rebellion.”
—Emmeline Pankhurst (1858–1928)
“The three great ends which a statesman ought to propose to himself in the government of a nation, are,—1. Security to possessors; 2. Facility to acquirers; and, 3. Hope to all.”
—Samuel Taylor Coleridge (1772–1834)
“I think the girl who is able to earn her own living and pay her own way should be as happy as anybody on earth. The sense of independence and security is very sweet.”
—Susan B. Anthony (1820–1906)