Use Safe Coding Practices

From Campus Web Server Help

If you care at all about your data or that of your audience, learn safe coding practices. Unfortunately, it's mostly a thankless practice. Take satisfaction in the fact that you probably won't have to respond to a security breach if you code securely.

We urge you to read the documents below which are applicable to your site content. Also, subscribe to pertinent mailing lists or RSS feeds. The list below should be used as suggestions and guidelines. The University of Georgia will not be liable for any fault in the content which is linked below. Nor should this suggested content be considered a fail-safe or complete recipe for perfect security.

If you use third party packages, be sure to patch them as new versions are released. Most often, new versions resolve security holes. Do not use packages that are no longer maintained!

Contents 1 General Security 2 MySQL Databases 3 Perl 4 PHP 5 Python

General Security

• Secure Programming for Linux and Unix HOWTO

MySQL Databases

Be SURE to read the guidelines from the MySQL documentation.

Perl

For you Perl folks, check out the perlsec document.

See also:

• Security Issues in Perl Scripts
• Perl Security Tips

PHP

From the PHP Security Consortium, see the PHP Security Guide.

See also:

• Top 7 PHP Security Blunders

Python

There doesn't seem to be much good online documentation for Python security. Anyone need a research paper topic?

Security Advisories (few and far between): http://www.python.org/news/security/

http://python.about.com/od/cgiformswithpython/ss/ProgramSecurity.htm