News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Zend Developer Zone:
PHP Security Tip #15 (Remove Temporary Files)
March 23, 2007 @ 09:20:00

The Zend Developer Zone has posted security tip #15 today, focusing on an easily forgotten aspect of web development (not just in PHP) - forgetting to remove temporary files.

As developers, most of us are very messy. I've worked on countless projects and at each either run across or left a trail of diagnostic files laying around. (info.php, test.php, doMe.php, etc.) These tiles, if found by someone with nefarious intent, can leak valuable information about your system.

Always remember to remove these types of files...as Cal puts it:

It would be a shame to spend all that time securing your application only to leave info.php or worse yet, a "quick piece of code" in test.php that could potentially leak dangerous information about your system. Don't help the ad guys any more than you have to.
0 comments voice your opinion now!
temporary files remove securitytip diagnostic temporary files remove securitytip diagnostic


blog comments powered by Disqus

Similar Posts

Zend Developer Zone: Security Tip: Use a Database Abstraction Layer to help prevent SQL Injection

Sameer Borate's Blog: Refactoring 3: Replace Temp with Query

Pierre-Alain Joye's Blog: How to generate backtraces on windows without compiler

Slawek Lukasiewicz's Blog: PHP application diagnostics - Memtrack

Mike Naberezny's Blog: PHP Temporary Streams


Community Events

Don't see your event here?
Let us know!


php7 introduction application community example part2 composer opinion testing podcast symfony language laravel api list series project interview framework yii2

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework