Re: [CentOS] Web site development and security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



I'm looking at building a website and extranet on my CentOS server for my
home business.  I use PHP for my intranet but I hear PHP is a big security
sieve.  Can anybody recommend good books on website security and
development?  Which procedural language should I use to do this?

Oreilly has a ton of decent books, but I prefer to look for tools
which are well written. Things that work with php in safe mode, and
don't require the use of globals, allow_url_fopen, etc. If the tools
you want to use do require these options, then you need to understand
the risks involved, and how to mitigate them. The two biggest security
shotguns I employ are selinux and mod_security. With these, and a sane
web application, you'll eliminate a good 95% of the security risks out
there. You may also want to check out www.onlamp.com but keep in mind
that you may need to modify any directions listed there to stay within
the parameters set by the distribution.

--
During times of universal deceit, telling the truth becomes a revolutionary act.
George Orwell
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux