Security


When you're discussing the Internet, security should be the first thing that comes to mind. Unfortunately, security is an extremely complicated issue - even security experts cannot be 100% sure that their network is secure. At most, you can hope to reach a state where you feel comfortable about your network's security.
Granted that security poses a distinct challenge, it clearly becomes the priority in your network and application design. Security can be divided into three categories: 1) network, 2) server, and 3) application. For network and server security, installing a quality firewall and hiring a competent system administrator can go a long way towards making you feel comfortable.
Application security, however, is not so easy. Generally, software must undergo a series of audits and "trial by fire" before it can be considered anywhere near safe. Even then, some exploits or bugs in the software may go undiscovered for years.
The point is that it takes years for application software to reach the comfortable level of security attributed to the most secure applications. With that in mind, it makes sense to base your design on fundamental security concepts.

Some quick rules of thumb:
Always verify any data sent from a client for size and type.

Be extra careful with scripts that talk to databases - don't give the web server any more permissions than it needs.

Any file operations done by the web server are high risk. Verify that your permission structure does not grant any unnecessary permissions which could be exploited to damage the system.

Avoid executing shell commands at all costs.

Never send clear-text passwords over the network. Use encrypted connections, with ssh or ssl, whenever sending important information.

OK, more on that later. Next, we'll talk about maintainability, or, where you are going to spend your time and money.
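A short Python illustration of the first four rules above, added here as an example rather than code from the original post: it checks a client value for type and size, binds it as a query parameter instead of building SQL text, confines a client-supplied file name to one directory, and lists files with the standard library instead of a shell command. The users table, its rows and the /var/www/uploads directory are constructed for the example.

```python
import os
import re
import sqlite3

# Constructed policy for this example: a user name is a plain string of at most
# 32 characters from a small safe alphabet (size and type check on client data).
USERNAME_RE = re.compile(r"^[A-Za-z0-9_]{1,32}$")

def is_valid_username(raw):
    """Return True only if raw is a str that satisfies USERNAME_RE."""
    return isinstance(raw, str) and USERNAME_RE.fullmatch(raw) is not None

def open_db():
    """In-memory database with constructed sample rows so the example runs offline.

    In a real deployment the account the web server connects with should be
    granted only the SELECT it needs on this table, not CREATE/INSERT/DROP.
    """
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, email TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "alice@example.com"), ("bob", "bob@example.com")])
    return db

def lookup_email(db, raw_name):
    """Validate the client value, then bind it as a parameter; never concatenate it into SQL."""
    if not is_valid_username(raw_name):
        return None
    row = db.execute("SELECT email FROM users WHERE name = ?", (raw_name,)).fetchone()
    return row[0] if row else None

def safe_path(base_dir, client_name):
    """Resolve a client-supplied file name inside base_dir, or return None if it escapes.

    realpath() collapses '..' and symlinks; commonpath() avoids the string-prefix
    mistake where '/var/www/uploads2' would pass as being under '/var/www/uploads'.
    """
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, client_name))
    if os.path.commonpath([base, target]) != base:
        return None
    return target

def list_uploads(base_dir):
    """List files with the standard library instead of running a shell 'ls'."""
    return sorted(os.listdir(base_dir))
```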