News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Docnet.nu:
SSL And PHP Streams - Part 1 You Are Doing It Wrong™
June 26, 2014 @ 09:54:40

On the Docnet.nu blog today they've kicked off a series looking at the use of streams and SSL in PHP and asking if you're doing it wrong in your current applications. The focus is more on the security aspect, breaking it down into a set of common problems (and how to work around them).

The upcoming PHP 5.6 release brings with it a number of improvements to encrypted PHP streams, both internally and externally. In these articles I will try to cover the most important changes, and how they affect your code. This article will focus on how to get the best security level in code that needs to be run on PHP versions below 5.6, and highlighting some of the gaps in the currently available functionality. Version 5.4.13 is the earliest version that supports all the options described below - and if you are running something earlier than this, then you really should consider upgrading to at least the latest version of the 5.4 series 1.

Their list is made up of six different problems:

  • Problem 1: Peer Verification
  • Problem 2: Cipher Lists
  • Problem 3: Protocol Support
  • Problem 4: TLS Compression Attack Vulnerability
  • Problem 5: Cipher Order
  • Problem 6: TLS Renegotiation Attacks

Each problem comes with a brief description of what it is and why it's an issues. Some also include code snippets showing how to correct the issue, usually relatively simply.

0 comments voice your opinion now!
streams problem list solution https tutorial

Link: http://www.docnet.nu/tech-portal/2014/06/26/ssl-and-php-streams-part-1-you-are-doing-it-wrongtm/C0

blog comments powered by Disqus

Similar Posts

NetTuts.com: Protect a CodeIgniter Application Against CSRF

IBM developerWorks: Getting Graphic with PHP

I-Programmer.info: Building a Joomla component using Eclipse for PHP

PHPBuilder.com: Web Services Implementation using PHP and SOAP

Sameer Borate's Blog: Taking screenshots of websites in PHP


Community Events





Don't see your event here?
Let us know!


api framework series introduction interview library community package symfony install list deployment laravel podcast release opinion language update tips zendserver

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework