Nice article about PHP hardening and auditing
Here’s a nice article by Tenable about PHP hardening and auditing (using Nessus):
http://blog.tenablesecurity.com/2009/08/configuration-auditing-phpini-to-help-prevent-web-application-attacks.html
Here’s a nice article by Tenable about PHP hardening and auditing (using Nessus):
http://blog.tenablesecurity.com/2009/08/configuration-auditing-phpini-to-help-prevent-web-application-attacks.html
Here are some very nice examples on how not to do it …
http://whereismydata.wordpress.com/2009/08/02/computer-forensics-how-not-to-interview/
The “ModSecurity Core Rule Set” is now an OWASP project:
http://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project