Uploaded by adilshahbcs

PhP Security

advertisement
PHP Security
• As of 2020, over 79% of server-side language was PHP. Most of these
are content management systems including eCommerce sites and
WordPress
• As it is such a widely-used programming language for websites,
including Facebook and Wikipedia, it is under continuous threat of
attacks and exploitations
• PHP security has become very important to keep websites and
platforms safe from cyber-attacks and hacks.
Some statistics about PHP security
• WordPress uses PHP as its scripting language. Over 35% of websites
use WordPress and it has one of the highest numbers of
vulnerabilities. In 2018 alone, WordPress had 542 vulnerabilities.
• The most common attack techniques on a PHP based website are –
SQL Injection and XSS attacks.
• According to a report, hackers steal about 75 records every second.
• In 2019, there was an attack every 39 seconds with over 30,000
websites hacked every day.
1. SQL Injection
• SQL Injection is a very common form of attack accounting for about
two-thirds of all web attacks
• With improper or ineffective code leading to a SQL Injection attack, a
data breach can occur resulting in the leakage of important details such
as credit card details and credentials, to name a few
• It can also compromise an entire web server
• To further protect your website you can do the following:
• Filtering your data: With proper filters for your input data you can stop any
suspicious or malicious codes from entering your system
• Using quotes in your data: If allowed in your database, then use quotes in all
values in SQL statements
• Use escape characters: In some cases, genuine data can interfere with SQL
statement formats. To avoid that you can use functions such as
mysql_escape_string()
2. Directory Traversal
• In this attack, one can view or execute crucial files and folders that
should be inaccessible to everyone but the administrators. These files
may reside outside the root folders and with incorrect file permissions
or coding error these files may be vulnerable to unauthorized access
3. Cross-Site Scripting (XSS attacks)
• XSS vulnerabilities are very common and this makes this attack
widely used
• In this attack, client-side scripts are inserted into the output of a
webpage and then these scripts are executed on the user’s system
• Attackers use this attack to steal information, credentials, or cookies,
to name a few
• XSS attacks are also common in websites that display external data
• You can prevent such attacks by following the below steps:
• Filtering all external data: If you filter all incoming and outgoing data from
your website you can stop most of the XSS attacks
• Existing functions: PHP has a couple of functions you can use such as
htmlentities(), utf8_decode() and strip_tags(). Using these functions will save
your time and since they are inbuilt they will have less vulnerability
• Using strict naming conventions: Using a strict naming convention will help in
distinguishing between filtered and unfiltered data, which will be beneficial in
the development phase
4. Cross-site request forgery
Cross-site request forgery attacks are done from the user side and
exploit the trust that webpages have on users. Users having higher
privileges face the highest threats. This attack is less popular than others
and is thus more dangerous. Protecting your website from such attacks
is also more complicated as compared to the ones mentioned above.
When users log into a website, they receive certain privileges such as
accessing pages not available to others. Using these privileges, attackers
can design HTTP requests that are then executed by the webpage.
Attackers can use this technique to access the database or extract
important information.
• The below PHP security steps will help you prevent such attacks:
• Using POST instead of GET in all forms: You can use POST in forms that
allow it, specifically those that can perform any actions
• Using HTTPS: Using HTTPS has become the new standard and rightly so.
HTPPS encrypts the connection between your website and the user. It might
not be the one-stop solution to prevent CSRF attacks but it strengthens
your PHP security and protects your website from a range of other attacks
5. Password storage
• With the increasing cases of credential theft and data dumping on the dark web, storing credentials
such as passwords securely has become much more important. Attackers can leverage
vulnerabilities such as SQL Injection or XSS attacks and access passwords stored within the
website. In case there is a breach of security, it is important to ensure that attackers are unable to
decode the passwords and cause further damage. There are two important ways to securely store
passwords, using a hashing algorithm.
• The most common hashing algorithm is MD5 and it is the fastest. However, it is easy and fast to
crack. You can use the password_hash() function instead of MD5, as it is more secure.
6. Session hijacking
• Session Hijacking attacks are the most common form of session attacks.
This attack includes accessing an unsuspecting user’s session and then
launch further attacks. Once hijacking is successful the attacker can perform
all tasks that the original user had permission for. In case the user’s session
was to log into their bank accounts, attackers can make transfers or take
over the account entirely. This attack can also provide access to companywide networks, in case the session belongs to an employer in an
organization.
Download