Hello all,


I am currently researching security best practices/methods. Can anyone offer
any current resources/recommendations?

My research thus far has included password hashing with salting/stretching,
session hash defaults, session management & authentication, and prepared
statements via PDO in addition to basic PHP.ini and .htaccess server
settings  and properly escaping and validating input/output. 


On a side note, PHP versions prior to 5.3+ do not allow to set the httponly
flag as a cookie parameter, is there any acceptable alternative for this?


Thanks in advance, 


Jen Rasmussen | Web Development Manager

Cetacea Sound Corp

P: 763-225-8465 

P Before printing this message, make sure that it's necessary. The
environment is in your hands


Reply via email to