5 of 5 people found the following review helpful
An excellent introduction.,
This review is from: Pro PHP Security (Paperback)I am currently developing an e-commerce application for the first time. Shortly after starting I realised that I would need to know something about security in order to safely handle customers' details, including credit cards. This book provides an excellent introduction to the world of cryptography and security in general, and then specifically focusses on how to implement it in a PHP environment.
After reading the relevant chapters, I was able to build a robust and secure encryption/decryption routine, using both symmetric and asymmetric algorithms. As well as this I was able to generate my own SSL certificates and set up a SSL webserver on my dev machine. None of this would have been possible without the data I learned in this book.
On top of the practical help I got, the book is also well written and got me genuiunely interested in the background and theory behind all the various aspects of computer and internet security, from protecting sensitive data, to preventing malicious attacks such as XSS or SQL injection. Much of this has been implemented in my application, which should be pretty heavy-duty when I'm done.