Khalil Shreateh specializes in cybersecurity, particularly as a "white hat" hacker. He focuses on identifying and reporting security vulnerabilities in software and online platforms, with notable expertise in web application security. His most prominent work includes discovering a critical flaw in Facebook's system in 2013. Additionally, he develops free social media tools and browser extensions, contributing to digital security and user accessibility.

Most vulnerabilities are the result of bad coding habits or a lack of PHP application security awareness among developers. The primary cause is that user input is treated as trusted.

When you write code, you must apply two key procedures: validation and sanitization. If you implement both of these procedures for user data, you ensure that what is processed and executed is valid and meets specified criteria. You must also ensure that HTML output data is escaped so that no malicious code is executed if an attacker has injected it into the content. If you follow these simple and basic procedures for every web page, you significantly reduce the possibility of being exposed to a critical security issue.
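
The three procedures described above (validation, sanitization, output escaping) in one PHP script, as an added example that is not part of the original tutorial. The field names, limits, helper names (`process_input`, `e`) and sample values are assumptions constructed for illustration.

```php
<?php
// Constructed sample standing in for $_POST; field names are hypothetical.
$input = [
    'email'   => '  alice@example.com ',
    'age'     => '27',
    'comment' => "Nice post!\x07 <script>alert(1)</script>",
];

// Validate and sanitize one request. Returns [clean values, errors].
function process_input(array $in): array
{
    $clean = $errors = [];
    // Sanitize (trim), then validate against a strict format.
    $email = trim((string) ($in['email'] ?? ''));
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $errors['email'] = 'Invalid e-mail address';
    } else {
        $clean['email'] = $email;
    }

    // Validate against explicit criteria: an integer inside an allowed range.
    $age = filter_var($in['age'] ?? '', FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 13, 'max_range' => 120]]);
    if ($age === false) {
        $errors['age'] = 'Age must be a whole number from 13 to 120';
    } else {
        $clean['age'] = $age;
    }

    // Sanitize free text: strip control characters, then enforce a length limit.
    $comment = trim((string) preg_replace('/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/', '', (string) ($in['comment'] ?? '')));
    if ($comment === '' || strlen($comment) > 500) {
        $errors['comment'] = 'Comment must be 1 to 500 bytes long';
    } else {
        $clean['comment'] = $comment; // kept as typed; escaped only at output
    }
    return [$clean, $errors];
}

// Escape for an HTML context at the moment of output.
function e(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

[$clean, $errors] = process_input($input);
foreach ($errors ?: $clean as $field => $value) {
    echo '<p>' . e($field) . ': ' . e((string) $value) . "</p>\n";
}
```

Validation decides whether the request is accepted at all, while escaping is applied separately at output, so the comment keeps its original characters in storage and is rendered as inert text in the page.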

In this tutorial I am talking about PHP direct access, CSRF (cross-site request forgery), the redirect bug and DoS (denial of service) attacks.