PHP and WordPress Application Security – Useful Links

Mozilla Secure Coding Guidelines: https://wiki.mozilla.org/WebAppSec/Secure_Coding_Guidelines

PHP Manual: http://www.php.net/manual/en/manual.php

PHP Manual – Security Reference: http://php.net/manual/en/security.php

PHP source web viewer: http://svn.php.net/viewvc/php/

Apache

Apache HTTPD source viewer: http://svn.apache.org/viewvc/httpd/httpd/trunk/server/

PHP Security Checklist: http://www.sk89q.com/2009/08/definitive-php-security-checklist/ (TODO: I haven’t looked too closely at this one yet; it’s a bookmark. I am going to review this link more carefully to see if I can use some of it to kickstart a checklist.)

phpsec.org: http://phpsec.org/projects/guide/

PHP Freaks article: http://www.phpfreaks.com/tutorial/php-security

OWASP: https://www.owasp.org/index.php/PHP_Security_Leading_Practice

PHP code execution vulnerabilities: http://www.php-security.org/2010/05/20/mops-submission-07-our-dynamic-php/index.html

WordPress Manual: http://codex.wordpress.org/

How plugins work: http://codex.wordpress.org/Writing_a_Plugin

WordPress Source Browser: http://core.trac.wordpress.org/browser

WordPress Function Reference: http://codex.wordpress.org/Function_Reference/

Template Tag Reference: http://codex.wordpress.org/Template_Tags

PHP Cross Reference of Variables, Functions, Classes, Constants: http://phpcrossref.com/wordpress/
