Web Security Blog

Similarly to the OWASP Cheat Sheet on PHP security, there is another great checklist to be shared – PHP Application Security Checklist.

Structured in a way for you to be able to revise all aspects of an existing PHP application. Print a couple of times and perform a security audit of your website until full completion of the list.

General topics covered:

• Basic
• Input
• File Uploads
• Database
• Serving Files
• Authentication
• Sessions
• 3rd Party
• Misc
• Shared Hosting