Unlimited Plugins, WordPress themes, videos & courses! Unlimited asset downloads! From $16.50/m
Dismiss
  1. Code
  2. Security

PHP OWASP Security

by
Lessons:20Length:2.1 hours
SecurityPHPWeb DevelopmentComposerPackagistJavaScriptSQLApache.htaccess
For full access to all 20 lessons, including source files, subscribe with Elements.
  • Overview
  • Transcript

3.5 Authentication

In this lesson, I cover authentication: how PHP handles session data, how to store session data and encrypt it, and how to use Redis as a session handler instead of the file system.

I’ll also show you how to make modifications to session cookies in order to prevent JavaScript manipulation of cookies, how to add entropy to the cookie to prevent a brute-force attack, and how to restrict cookies so that they are transmitted only over secure connections.

Related Links

1.Introduction
1 lesson, 00:40

Free Lesson
1.1
Introduction
00:40

2.The WidgetCorp App
4 lessons, 34:39

Free Lesson
2.1
Introducing the App
10:09

2.2
Data Modeling
04:19

2.3
Development Environment Setup
10:32

2.4
Configuration Defaults
09:39

3.OWASP Top Ten
14 lessons, 1:31:43

3.1
Injection Attacks and Defenses (Reflected, PHP, and JavaScript)
07:38

3.2
Injection Attacks (Mail, File, and SQL)
05:16

3.3
Injection Defenses (File System, Mail)
15:04

3.4
MySQL Injection Defenses
02:46

3.5
Authentication
09:50

3.6
Broken Authentication and Session Management
04:08

3.7
Insecure Direct Access or Object Reference
05:20

3.8
Security Configuration
12:18

3.9
Sensitive Data
08:26

3.10
Missing Function-Level Access Control
02:13

3.11
Cross-Site Request Forgery
04:48

3.12
Known Vulnerable Components
03:43

3.13
Unvalidated Redirects
03:04

3.14
Brute-Force Attacks
07:09

4.Conclusion
1 lesson, 00:48

4.1
Conclusion
00:48

Michael Soileau
Michael Soileau
Michael Soileau started making websites with Ruby on Rails and WordPress and then moved onto full-stack development with LAMP, Node and front-end JavaScript. He also teaches web development and hosts meetups about web development in his spare time.
Unlimited Downloads
From $16.50/month
Get access to over one million creative assets on Envato Elements.
Over 9 Million Digital Assets
Everything you need for your next creative project.
Create Beautiful Logos, Designs
& Mockups in Seconds
Design like a professional without Photoshop.
Join the Community
Share ideas. Host meetups. Lead discussions. Collaborate.
Quick LinksExplore popular categories