Pro PHP Security: From Application Security Principles to the Implementation of XSS Defenses, Second Edition

by Chris Snyder, Michael Southwell, Thomas Myer
December 2010
Intermediate to advanced
363 pages
12h 21m
English
Apress
Content preview from Pro PHP Security: From Application Security Principles to the Implementation of XSS Defenses, Second Edition

General Security Considerations

Generally speaking, think about adopting these security principles:

  • Never run the server as root. Run it as an ordinary, unprivileged user. When the MySQL server runs, it executes with the privileges of the account under which it runs. If the server runs as root, it has root privileges, including the ability to read and write files anywhere in the file system. Clients may attempt to take advantage of the server's root privileges to read privileged information or write files that modify your system. Running the server under an ordinary login account that has no special privileges minimizes this risk by preventing the server from accessing sensitive files and data.
  • The MySQL data directory should only ...
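
The first principle above can be checked mechanically. The script below is an added example, not code from the book: it reads the `user` option from the `[mysqld]` section of an option file and the owner of the running `mysqld` process. The function names, the sample option file and the sample process listing are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the book. Function names and sample data are constructed.

# Print the OS account from "user" in the [mysqld] section of an option file
# read on stdin. A "user" under [client] is a MySQL login name and is ignored.
mysqld_config_user() {
    awk '
        /^[ \t]*\[/   { in_sec = ($0 ~ /^[ \t]*\[mysqld\][ \t]*$/); next }
        /^[ \t]*[#;]/ { next }
        in_sec && /^[ \t]*user[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t]+$/, ""); val = $0
        }
        END { if (val != "") print val }
    '
}

# Read "USER COMMAND" lines (as printed by: ps -eo user=,comm=) on stdin and
# print the owner of each mysqld process.
mysqld_process_users() {
    awk '$2 == "mysqld" { print $1 }' | sort -u
}

# Return 0 for a non-root account, 1 for root, 2 when no account is set.
check_account() {
    case "$1" in
        root|0) echo "FAIL: mysqld runs as root"; return 1 ;;
        "")     echo "WARN: no user set; mysqld keeps the account that starts it"; return 2 ;;
        *)      echo "OK: mysqld runs as non-root account '$1'"; return 0 ;;
    esac
}

# Constructed sample inputs.
sample_cnf() {
    cat <<'EOF'
[client]
user = appuser
[mysqld]
# user = root
datadir = /var/lib/mysql
user = mysql
EOF
}
sample_ps() { printf '%s\n' 'root mysqld_safe' 'mysql mysqld' 'www-data php-fpm'; }

check_account "$(sample_cnf | mysqld_config_user)"
for u in $(sample_ps | mysqld_process_users); do check_account "$u"; done
```

On a live host, replace the sample inputs with the server's own option file and with the output of `ps -eo user=,comm=`.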

Publisher Resources

ISBN: 9781430233183