Welcome to the Treehouse Community
Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.
Looking to learn something new?
Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.
Start your free trial
Kirill Lavrishev
3,699 PointsCourses about php security?
injection and etc? something that will help us to create better and secure websites?
1 Answer
Jayden Spring
8,625 PointsHi Kirill,
Security is one of those evermost changing topics so and does require some vigilant reading around. For example, I read through my server logs a couple of times a week to check that no one is trying to do injections and that they are not getting in.
SQL injection is quite preventable, most the time I will escape a text entry in JavaScript on input, when I process it in my controller and then again in the model using Pear DBs escape methods. As long as you keep an eye out on your logs for injections you're security won't hopefully be compromised.
One other thing I would suggest, If you are running a Linux based web sever, install something called Fail2Ban and keep your code separate from your views (ie models and controllers / actually working code in /bar/www/include & template in html)