Welcome To Snipplr


Everyone's Recent Snippets Tagged security



Apache can be used to ban undesirable people and bots from your website. With this code, we’re telling Apache that everyone is allowed to visit our blog except the person with the IP addresses
1 783 posted 14 years ago by mariusscheel
If your WordPress blog is outdated even by a few days and there's a security hole in your old version you could be seriously compromised without even knowing it. Trust me. This has happened to two of my clients and the fix is not easy. Usually, once...
0 791 posted 14 years ago by josephknight
Replace "mysite" with your own and this will block access to sites attempting to link to your images. Note, it's not necessarily always a bad thing for people to link to your images. If you run a blog, portfolio, or sales gallery, etc, you may actual...
2 907 posted 14 years ago by josephknight
The problem As a WordPress user, you probably know how important the wp-config.php file is. This file contains all of the information required to access your precious database: username, password, server name and so on. Protecting the wp-config.php...
0 771 posted 14 years ago by josephknight
The problem Protecting dynamic websites is especially important. Most developers always protect their GET and POST requests, but sometimes this is not enough. We should also protect our blog against script injections and any attempt to modify the PH...
3 927 posted 14 years ago by josephknight
If you want to serialize a password in some custom object you are working with, create another member that is the encrypted bytes and serialize/deserialize that. For simply encrypting/decrypting a file, you can use [System.IO.File.Encrypt](http://...
0 746 posted 14 years ago by pckujawa
From the Big Spaceship Labs website. This is a useful workaround for the following error message ... SecurityError: Error #2142: Security sandbox violation: local SWF files cannot use the LoaderContext.securityDomain property.
7 1202 posted 14 years ago by adrianparr
If you weren't already aware, you can use a product like [Reflector.NET](http://www.red-gate.com/products/reflector/) to see all of the source code (that's right, the code) of a .NET assembly (DLL, EXE, etc). This is a real problem when your code is...
1 1004 posted 14 years ago by pckujawa
This is useful for escaping multiple values in a POST array.
0 793 posted 14 years ago by bradless
Put this at the top of your CodeIgniter models, controllers, libraries and helpers to restrict direct access to them.
1 1501 posted 14 years ago by AzizLight
In addition to the recommendations on the Wordpress Website. Limit the amount of PHP files that a writable by Apache. The directory's and files that need to be writable, do not always need to be executed by PHP directly. This makes it a bit har...
1 699 posted 15 years ago by occam
0 765 posted 15 years ago by d020
Ideal if you have a laptop. If someone steals it, he will not be able to read all your mails and documents with precious information (about passwords, accounts, credit cards, private stuffs, etc...). This snippet is considering that you are using...
0 665 posted 15 years ago by Dorgendubal
[quote]$_SERVER['HTTP_REFERRER']'s problem is that can be spoofed, but it's better than nothing if you really want that.[/quote]
1 1024 posted 15 years ago by luizlopes
2 782 posted 15 years ago by fruehjahr
Since network shares by default only get LocalIntranet permissions, it's relatively common to want to use CasPol to fully trust some shares that you control and know are safe. To trust everything on the share \\ShawnFa-Srv\Tools, use the command...
2 940 posted 16 years ago by hoffstein
1. Allows encryption between client and server 2. Bypasses filtered port, if any on the standard port for the given service.
1 862 posted 16 years ago by iblis
This is good to add to folders which are chmod to 777.
1 752 posted 16 years ago by luizlopes
This was taken out of a presentation by eZ systems on PHP Best Practices
0 745 posted 16 years ago by luizlopes
4 836 posted 16 years ago by iTony
this is not the ultimate secure way, but it's at least not displaying the email link
3 773 posted 16 years ago by iTony
Typically won't work if the ASP.Net service identity (in the machine.config ProcessModel section) is a local account.
1 1379 posted 16 years ago by rengber
So you don't have to type the password everytime you log in to that remote ssh server. Don't enter a passphrase when prompted, just hit enter. This example is for Mac OS X but is likely to work on *nix plats too.
5 821 posted 17 years ago by micmath
Don't do it this way. This was written so long ago.
90 6971 posted 17 years ago by llbbl
I got most of these tips out of a great book published by O'Reilly (my favorite web-design publisher): "Programming PHP, 2nd Ed." by Lerdorf, Tatroe, and McIntyre. Another good book is "Essential PHP Security," also published by O...
2 1407 posted 17 years ago by pckujawa