Protect your PHP installation with the Suhosin extension

In 2004, Stefan Esser, a security specialist who was responsible for finding and fixing many security bugs in PHP, developed a PHP extension named Suhosin. Stefan is an outstanding security specialist, and PHP is very fortunate to have his expertise in service of a more secure PHP implementation. Suhosin is a sophisticated extension that(…)

What if I Cannot Upgrade my installed PHP Version?

Many sites run on servers where administrators use only the ready-made PHP packages and other programs provided by the supplier of the Linux distribution or other operating system that runs on the server. If you are using the latest version of the OS, which is still supported by the distribution supplier, there may be a(…)

Shall I Upgrade my installed PHP version?

Well, the first thing you should consider is what web hosting you are using. If you are on shared web hosting, you cannot upgrade at all. It is up to your web hosting company to do it. Usually web hosting companies control the load of their web servers. If a client is consuming too many resources(…)

What You Can do to Prevent eventual Attacks in PHP?

This is not a new vulnerability. In fact, it was introduced long ago, in 2003. At the time, it seems that only Perl and CRuby developers attended to the issue. Most developers of other languages, including PHP, did not care about it. So it’s basically a rehash of an old problem. This time, the security researchers mentioned above contacted several developers(…)

What is the Hash Collision Vulnerability?

Arrays are a very popular data type in PHP and other scripting languages. They can store a variable number of entries of any type. You can store an unlimited number of entries in an array. This is the main problem behind the vulnerability known as hash collision. In PHP and other(…)

eBay introduced an SQL-like language for interacting with web services

eBay has submitted a draft implementing a declarative domain-specific language for forming data selections, which acts as a layer on top of the traditional web APIs of existing services. The language is based on the ideas of SQL and uses the JSON format when manipulating data. The project's objective is to reduce development(…)