php - Elements for building secure site

If I was to build a "hacker proof" site, what would be my weapons of choice? I guess WordPress is out of the question. ;)

I am fully aware that there is no such thing as hacker proof, but let's say I wanted to delay for as long as possible.

Maybe you can give me some pointers on how to proceed with that and some dos and don'ts.

Thank you.

Answer

Solution:

The question is very broad, but some essentials:

  • Prevent SQL Injection by using prepared statements.
  • Validate input / output to prevent XSS
  • CSRF protection for form data
  • HTTPS for secure login pages
  • Secure permissions for web processes / folders on your server
  • Up to date software on server
  • Backups to remote server
  • Fail2Ban to prevent brute forcing
  • Monitor access / error logs from Apache/nginx
  • Monit for resource monitoring
  • Encrypt passwords using a secure hashing algorithm that can't be brute-forced
  • Two Factor authentication

Those are the ones off the top of my head.
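
Four of the items listed above (prepared statements, password hashing, CSRF tokens, output encoding) shown together in PHP. This is an added example, not part of the original answer; the `users` table, the function names and the in-memory SQLite database are assumptions chosen so the script runs from the command line.

```php
<?php
declare(strict_types=1);

// Constructed demo setup: in-memory SQLite stands in for the site's real database.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (name TEXT PRIMARY KEY, pw_hash TEXT NOT NULL)');

// Store only a salted, deliberately slow hash, never the password itself.
function register(PDO $pdo, string $name, string $password): void {
    $stmt = $pdo->prepare('INSERT INTO users (name, pw_hash) VALUES (:name, :hash)');
    $stmt->execute([':name' => $name, ':hash' => password_hash($password, PASSWORD_DEFAULT)]);
}

// Prepared statement: user input is bound as data and never concatenated into SQL.
function login(PDO $pdo, string $name, string $password): bool {
    $stmt = $pdo->prepare('SELECT pw_hash FROM users WHERE name = :name');
    $stmt->execute([':name' => $name]);
    $hash = $stmt->fetchColumn();          // false when no such user
    return is_string($hash) && password_verify($password, $hash);
}

// CSRF: one random token per session, compared in constant time on every POST.
function csrf_token(array &$session): string {
    return $session['csrf'] ??= bin2hex(random_bytes(32));
}
function csrf_valid(array $session, string $submitted): bool {
    return isset($session['csrf']) && hash_equals($session['csrf'], $submitted);
}

// XSS: encode on output, for the HTML context the value is written into.
function h(string $value): string {
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

$session = [];  // stands in for $_SESSION so the script runs without a web server
register($pdo, 'alice', 'correct horse battery staple');  // constructed sample user
$token = csrf_token($session);

var_dump(login($pdo, 'alice', 'correct horse battery staple')); // valid credentials
var_dump(login($pdo, "alice' OR '1'='1", 'x'));  // quote characters stay inside the bound value
var_dump(csrf_valid($session, $token));          // token issued for this session
var_dump(csrf_valid($session, 'forged'));        // token from anywhere else
echo h('<script>alert(1)</script>'), PHP_EOL;    // markup is emitted as inert text
```

In a real application the token goes into a hidden form field and `$session` is `$_SESSION`; the checks themselves stay the same.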
