Hi Nayana,
no, you don't need a security expert to secure your php scripts. But you
also don't need to be a security expert to exploit php issues... =)
Have a look at this:
http://www.hardened-php.net/
HTH
Nayana Somaratna wrote:
> Hi everyone,
>
> I've been tasked with creating a learning management system for my
> University. Given that we're only handling a few handred students, I'd
> typically want to create it using linux/apache/mysql/php.
>
> However, when browsing the web, I found an article which said that "it
> requires an expert to lockdown php" (Sorry, but I can't quite recall
> the URL).
>
> While I am not a novice, I am defintely not an expert either -
> expecially on security issues.
>
> So, I'd like to ask the members of this list - how difficult is it to
> secure php ? Do you really need a security "expert" to do this ?
>
> P.S. The few hundred students mentioned above are IT students ;-)
>
> Thanks,
>
> - Nayana
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Received on Nov 01 2004
Intro
