fbpx

Author: Olivier Caron

  • Blog
  • Author: Olivier Caron
How to setup a Tor Onion Service securely

How to setup a Tor Onion Service securely

we will explore the basic use of an Onion service v3 using the latest Tor version as of this writing and how to securely setup the service as well as how to securely operate the service. No matter if you’re running a tiny website for fun with some friends or some large business, taking the time to ensure the website is secure will come in handy when the time will come for a malicious actor to threaten it.

Read More
How to build a secure PHP webpage: Part 2

How to build a secure PHP webpage: Part 2

When it comes to making a website, a few features are common to most: user sessions, cookies & a login/registration system. In this article, we’ll look at those more in depth to try and explain key ways that help ensure their security. Note that this article is still aimed at helping code such features, so some code examples will be provided.

Read More
Comment construire une page web sécurisée en PHP : Partie 1

Comment construire une page web sécurisée en PHP : Partie 1

Cet article traite de la sécurité des applications web en mettant l’accent sur la prévention des vulnérabilités courantes. Il aborde les menaces de sécurité les plus fréquentes auxquelles les applications web sont exposées, notamment les attaques d’injection SQL, les attaques de type Cross-Site Scripting (XSS), les failles d’authentification, les problèmes de stockage cryptographique, etc.

L’auteur souligne l’importance d’une approche sécurisée dans la conception et le développement des applications web. Pour prévenir les attaques d’injection SQL, il recommande l’utilisation de fonctions intégrées comme “prepare” et “execute” en PHP Data Objects (PDO) plutôt que la concaténation manuelle des requêtes avec les données utilisateur. De plus, il insiste sur l’utilisation de fonctions de filtrage comme “strip_tags()” et “htmlspecialchars()” pour éviter les attaques de type XSS en empêchant l’interprétation de données malveillantes.

Read More
How to build a secure PHP webpage: Part 1

How to build a secure PHP webpage: Part 1

This article deals with web application security, focusing on the prevention of common vulnerabilities. It discusses the most common security threats to which web applications are exposed, including SQL injection attacks, Cross-Site Scripting (XSS) attacks, authentication flaws, cryptographic storage problems and more.

The author underlines the importance of a secure approach to web application design and development. To prevent SQL injection attacks, he recommends the use of built-in functions such as “prepare” and “execute” in PHP Data Objects (PDO) rather than manual concatenation of queries with user data. In addition, he insists on the use of filtering functions such as “strip_tags()” and “htmlspecialchars()” to avoid XSS-type attacks by preventing the interpretation of malicious data.

Read More