Application Security

I like development more when I know my application will be subjected to a bigger audience either for tests or use. I bet every developer likes this at some point. I hate large numbers during development when the project itself is behind schedule though...because this is when you complete modules for ticks & gram and not fun.

Sucks.

So, networking...I liked it also because of exposure. Was exposed to this environment so much. I did lots of it. Later found out I was working with less and less materials. I had nothing, in terms of materials, outside Cisco (they really have cool h/ware). Freeware was hard to come by too. I hated dealing with hardware and being platform dependent. Among the nice features a s/ware is to have, platform-independence is one of them. We’ll need something that runs even on mars.

I kept the knowledge. Bumped into web development and liked it. Big user base..nice. Cross platform apps, sweet. In our last meet-up, we discussed about security and I had several tips on how to make your application air tight and still great to use. Sometimes compromise knocks. Note, there’s always more you can do than what I’m writing. We discussed:

l Input Sanitizing and Validation.

Casing an example, let’s say you want an ID number field. Is the field to accept numerics, alphabets, alphanumeric..and special characters? How many characters? What about html? Can it be same as email? Can it be pasted?

l SQL Injection.

This is a cool test hack method. How good are you fetching data? How often? How many pages are handling CRUD functions? Can you bypass data fetch?

l Parameterized queries.

This is where you break the query norm. Try to have staged queries. Have query statements separated. This is all about breaking down queries into chucks. MySqli & PDO is good at this.

l Folder/File access(read/write) rights.

Where and who can write? I use 0755 permissions for folders and 0644 for files. Works good for me.

Cache and temp folders are tricky to deal with. Test them nicely....

Comments

THE INTERVIEWEE WHO HATED ME

6 years ago a guy looked at me face to face, and boldly told me; "I don't like you!" I immediately fired a response, I asked him that day; "Thank you for the honest feedback, but those that you like, how has it made their life better? How does your liking people pay their bills or take a bank loan? My brother keep your like, I need God's like And that's what guarantees my future. Today I joined a CEO friend of mine in an interview Panel to recruit some new staff, it was a long session, as we returned from a coffee break to continue the hectic interview session, here was this same guy walked in with his grey jacket and CV coming for the interview. Our eyes kissed by fluke, we immediately recognised each other; "the world is indeed spherical", I soliloquized. He felt very uncomfortable through out the interview, one could clearly see the volcanic eruption ongoing in his whole nervous system, he even mistook his date of birth for his last date of empl...

Statement By H.E Uhuru

Statement by H,E. Hon. Uhuru Kenyatta, President of the Republic of Kenya on the Current Security Situation... by State House Kenya

Pieces of advice

A very poor newly wedded, young couple lived in a small farm. One day the husband made the following proposal to his wife: Honey, I will leave the house: I will travel faraway, get a job and work hard in order to come back and give you the comfortable life that you deserve. I do not know how long I will stay away, I only ask one thing, please wait for me, and while I am away, you should be faithful to me, because I will be faithful to you. His wife agreed, so the young man left. He walked many days until he found a farmer who was in need of someone to help him. The young man offered his services. He was accepted. Therefore he discussed the terms with his boss: Let me work for as long as I want and when I think I should go home, please relieve me of my duties. I do not want to receive my salary. I ask you to save it for me, until the day I leave. The day I decide to go, please give me the money and I will go my way. They agreed on that. So, the young man worked for twenty years witho...

Valentines Rumor | Whatsapp Forward

Valentine Day is a day that carries curse rather than blessings.Its foundation was laid through the satanism spirit of both Nimrod and his wife Semiramis, the founders of Babylon which Rev. 18:2 describes as, " a home for demons and a haunt for every evil spirit." While Semiramis was worshiped as the Moon goddess/Queen of Heaven,Isis, or Mother Earth goddess, Nimrod was worshiped as:Sun-god,Osiris,Lupercus, Baal or underground god. Their worship was firmly grounded on sexual activities The Romans took Nimrod's name Lupercus as the god whom they treated as the god of erotic love and had set February 14 to be a holiday whereby all activities in the nation focused on sexual orientation. It was a holiday of love. They also combined this with the sexual worship of the other god of love called Juno Februata and from whom the month of February was named. The worship of Lupercus was referred to as Lupercalia. The day was treated as one where everybody had a sexual lice...

Eulogy | How could you leave us?

I feel this.The only difference is mine is a dad, minus pills. I lost my dad. Hard to keep up with. Thanks for a place to let it out. Hard to keep it in. Harder to tell a story. Just write down what you're thinking n feeling +Patrick (not everything though) Can't use a past tense..I love my dad. I told my dad I loved him once, and it felt awesome. Had never done. I've never told my mum that I love her. I think I need to. I felt so bad...I've never wanted the news bearer to be as wrong as that day. I thought of praying and raising the dead, but just couldn't do it. Science said no, God let it happen. He has reasons. Can't question. NF kinda painted it for me. Honestly, some things can't be forgotten. Can't be undone. Can't be replaced. The only thing I have are precious last moments and advices. Specifically the last thing I did is share a cup of tea in my room. If you're watching Dad, I'm not looking back. I'm matching forth...

THE REAL REASON WE USE LINUX

We tell people we use Linux because it’s secure. Or because it’s free, because it’s customizable, because it’s free (the other meaning), because it has excellent community support… But all of that is just marketing bullshit. We tell that to non-Linuxers because they wouldn’t understand the real reason. And when we say those false reasons enough, we might even start to believe them ourselves. But deep underneath, the real reason remains. where there's shell, there's a way__ We use Linux because it’s fun! It’s fun to tinker with your system. It’s fun to change all the settings, break the system, then have to go to recovery mode to repair it. It’s fun to have over a hundred distros to choose from. It’s fun to use the command line. Let me say that again. It’s fun to use the command line. No wonder non-Linuxers wouldn’t understand. The point with us Linux fans is – we use Linux for its own sake. Sure, we like to get work done. Sure, we like to be se...

Rudimental - These Days feat. Jess Glynne, Macklemore & Dan Caplen [Offi...

Pretty depends on which side you're at. . .

Church Clothes 3

Lecrae is a great artist. He's celebrated. I celebrate him. He does pretty cool music. He doesn't waste time with the airtime he gets. He doesn't use his status to assume a leadership role. He's cool. . "..The mixtape was downloaded 100,000 times in 48 hours, and met with critical acclaim. It received controversy in Christian media upon its release due to its condemnation of hypocrisy in the Christian Church and Lecrae's collaboration with the mainstream producer Don Cannon..." wiki says in part. I salute DJ Don Cannon for hosting it. Long time ago, we didn't know him. He released Church Clothes . This is original man. That opened people's eyes and mouths. Like...who's this guy? Lec..what? Yeah..Lecrae. Crazy crae. Church Clothes, original, preached and built him a name. That was way back in May 2012. People listened to it alot. It was readily available because it was free also. There is nothing as good as free stuff that is awesomely...

Site Cache - Joomla

Ever had a site and you wanna tweak speeds?? Well, was going through some dev forums and came by this: Conservative caching is the standard type of caching. Here’s how it works: A visitor visits a page on your website. Joomla checks if there is a non-expired version of that page in its cache directory. If the cached page exists (and it’s not expired), then Joomla will serve it to the visitor – otherwise, a cached version of the page is created, and that cached version will be served to the visitor, and to every other consequent visitor, as long as it’s (by “it” we mean the page) not expired. The above scenario is typical and is how most developers implement caching. Progressive caching works the following way: A visitor visits a page on your website. Joomla checks if a cached version of that page exists for that visitor and it’s not yet expired. If that cached page exists, then it’ll be served to the visitor, otherwise, Joomla will create the cached page for that specific ...

Marriage | Whatsapp forward

MARRIAGE....... He was having his evening beverage That's when she joined him. "Hi there handsome, you're looking good. So fine I can eat you up" she said sitting down. "I thought we agreed to keep away from each other? I am a married man" he told her. " Come on. I won't bite. You can't resist me, no man can" she said. "I am a married man" he told her. "Fight all you want, but soon I will have you. I am way better than your wife" she told him. "You are nothing compared to my wife" he told her off. "Really? All this body. All these curves. All these sweetness. I bet your wife is not as good in bed as I am" she told him unbuttoning the top button of her blouse to reveal her cleavage, then lifting up her skirt, just a bit. "If I was a lustful and unfaithful man, all that would move me. But I am too grown to be enticed by what you're showing off. I am a grown man, you think all that consumes ...

The Diary of a Private Developer

Search This Blog

THE INTERVIEWEE WHO HATED ME