php - Elements for building secure site


If i was to build a "Hacker proof" site what would be my weapons of choice? I guess wordpress is out of the question. ;)

I am fully aware that it is no such thing as hacker proof but lets say i wanted to delay for as long as possible.

Maybe you can give me some pointers on how to proceed with that and some do´s and dont´s.

Thank you.




The question is very broad, but some essentials:

  • Prevent SQL Injection by using prepared statements.
  • Validate input / Output to prevent XSS
  • CSRF protection for form data
  • HTTPS for secure login pages
  • Secure permissions for web processes / folders on your server
  • Up to date software on server
  • Backups to remote server
  • Fail2Ban to prevent brute forcing
  • Montior access / error logs from apache/nginx
  • Monit for resource montioring
  • Encrypt passwords using a secure hashing algorithm that can't be brute forced
  • Two Factor authentication

Those are the ones off the top of my head.

People are also looking for solutions to the problem: php - mysql query results with delivery distance and delivery zipcode


Didn't find the answer?

Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.

Ask a Question

Write quick answer

Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.

Similar questions

Find the answer in similar questions on our website.