Senior Fullstack JavaScript Developer with a passion for creating testable, maintainable, scalable codebases.
Specialising in Vue.JS, React, Node.JS, TypeScript, and Vanilla JavaScript.
Location
London, UK
Work
Senior Fullstack JavaScript Developer @ Studio Rotate
Great post Andrew! I think these tips are great as a checklist of sorts to go through when developing/deploying a new PHP site such as turning off verbose errors etc. but I think it's just as (if not more) important that as developers we understand the ways in which our applications and websites could be attacked.
Using frameworks is a good way to protect against these sorts of exploits however it is much better if the dev understands the way in which the framework is protecting them as it is still rather easy for an uninformed dev to code around the protections most modern frameworks offer (raw DB queries etc.) without realising that they may be compromising the security of their application.
Check out this course: hacker101.com/ I completed it recently and it truly does open your eyes up to some of the super complex ways people are able to exploit websites.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Great post Andrew! I think these tips are great as a checklist of sorts to go through when developing/deploying a new PHP site such as turning off verbose errors etc. but I think it's just as (if not more) important that as developers we understand the ways in which our applications and websites could be attacked.
Using frameworks is a good way to protect against these sorts of exploits however it is much better if the dev understands the way in which the framework is protecting them as it is still rather easy for an uninformed dev to code around the protections most modern frameworks offer (raw DB queries etc.) without realising that they may be compromising the security of their application.
Check out this course: hacker101.com/ I completed it recently and it truly does open your eyes up to some of the super complex ways people are able to exploit websites.