Chapter 4

Securing a Web App

IN THIS CHAPTER

Getting familiar with security issues

Sanitizing data coming into the server

Sanitizing data going out from the server

Securing file uploads and user passwords

Setting up secure directories and sessions

“I saw the head of the company on CNN or something. He said nobody could get into their network. Their security systems were foolproof. I wanted to see if that was true.” “Were they?” “As a matter of fact, yeah, they were foolproof. The problem is that you don’t have to protect yourself against fools. You have to protect yourself against people like me.”

— JEFFERY DEAVER

Like it or not (and I suspect not), we live in a world populated by a small but determined band of miscreants who spend all their time, energy, and intellect trying to deface, destroy, or exploit web apps just like the ones you want to build. And make no mistake: If you put an unprotected web app online, sooner or later (almost certainly sooner) it will be found by one ...

Get Web Coding & Development All-in-One For Dummies, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Web Coding & Development All-in-One For Dummies, 2nd Edition by Paul McFedries

Securing a Web App

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly