Where can I find a web-project "security checklist?"

Posted by iaagty on Stack Overflow See other posts from Stack Overflow or by iaagty
Published on 2010-03-19T08:01:01Z Indexed on 2010/03/19 8:11 UTC
Read the original article Hit count: 220

I'm looking for a complete list of security guidelines for programming and deploying PHP web sites and applications on an Apache (Linux) server. Basically, a "security check list" to run through before finishing a project. I.e.,

  1. Cross Site Scripting
  2. Cross Site Request Forgery
  3. Sanitize form data that goes into database
  4. Disable register globals and error reporting in custom php.ini
  5. Upload files below web root ...(the list goes on)

I did some searching on the internet and in this forum, but couldn't find a comprehensive, succinct, and complete list of guidelines.

Thanks in advance.

© Stack Overflow or respective owner

Related posts about php

Related posts about security