Essential PHP Security HD PDF, CHM download

This article along with all titles and tags are the original content of AppNee. All rights reserved. To repost or reproduce, you must add an explicit footnote along with the URL to this article!
Any manual or automated whole-website collecting/crawling behaviors are strictly prohibited.
Any resources shared on AppNee are limited to personal study and research only, any form of commercial behaviors are strictly prohibited. Otherwise, you may receive a variety of copyright complaints and have to deal with them by yourself.
Before using (especially downloading) any resources shared by AppNee, please first go to read our F.A.Q. page more or less. Otherwise, please bear all the consequences by yourself.
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Ads Place

PHP has become one of the world’s most popular web programming languages from a tool used for producing personal web page. It ensures the operation of so many busiest websites on the Internet. This also brings the problems to be focused on, that’s performance, maintainability, testability, reliability and the most important thing – security.

Each chapter in Essential PHP Security explains a web application instance (such as form processing, database programming, SESSION management and validation), which covers all the major aspects in the PHP development. Besides, each section illustrates the attack methods and prevention techniques for the corresponding aspects. When finish reading Essential PHP Security, you will be able to understand and master all kinds of security measures that learned from this book, so as to calmly reply to plenty of new attacks and skills from malicious persons.

Although Essential PHP Security with an eye to PHP language only, and show you how to manipulate the PHP’s special function to write the secure code, yet the concepts in this book are really suitable for any web development platform.

// Table Of Contents //

  • Chapter 1 Introduction
    • PHP Features
    • Principles
    • Practices
  • Chapter 2 Forms and URLs
    • Forms and Data
    • Semantic URL Attacks
    • File Upload Attacks
    • Cross-Site Scripting
    • Cross-Site Request Forgeries
    • Spoofed Form Submissions
    • Spoofed HTTP Requests
  • Chapter 3 Databases and SQL
    • Exposed Access Credentials
    • SQL Injection
    • Exposed Data
  • Chapter 4 Sessions and Cookies
    • Cookie Theft
    • Exposed Session Data
    • Session Fixation
    • Session Hijacking
  • Chapter 5 Includes
    • Exposed Source Code
    • Backdoor URLs
    • Filename Manipulation
    • Code Injection
  • Chapter 6 Files and Commands
    • Traversing the Filesystem
    • Remote File Risks
    • Command Injection
  • Chapter 7 Authentication and Authorization
    • Brute Force Attacks
    • Password Sniffing
    • Replay Attacks
    • Persistent Logins
  • Chapter 8 Shared Hosting
    • Exposed Source Code
    • Exposed Session Data
    • Session Injection
    • Filesystem Browsing
    • Safe Mode
  • Appendix A Configuration Directives
  • Appendix B Functions
  • Appendix C Cryptography

// Book Example Codes //

// Download URLs //

Format Download Size
PDF 1.33 MB
CHM 368 KB


If some download link is missing, and you do need it, just please send an email (along with post link and missing link) to remind us to reupload the missing file for you. And, give us some time to respond.
If there is a password for an archive, it should be "".
Most of the reserved downloads (including the 32-bit version) can be requested to reupload via email.