Description
Website security made easy. This book covers the most common ways websites get hacked and how web developers can defend themselves.
The world has changed. Today, every time you make a site live, you're opening it up to attack.
A first-time developer can easily be discouraged by the difficulties involved with properly securing a website. But have hope: an army of security researchers is out there discovering, documenting, and fixing security flaws. Thankfully, the tools you'll need to secure your site are freely available and generally easy to use.
Web Security for Developers will teach you how your websites are vulnerable to attack and how to protect them. Each chapter breaks down a major security vulnerability and explores a real-world attack, coupled with plenty of code to show you both the vulnerability and the fix.
You'll learn how to:
As you get stronger at identifying and fixing vulnerabilities, you'll learn to deploy disciplined, secure code and become a better programmer along the way.
Table of Contents
Chapter 1: Let’s Hack a Website
Chapter 2: How the Internet Works
Chapter 3: How Browsers Work
Chapter 4: How Web Servers Work
Chapter 5: How Programmers Work
Chapter 6: Injection Attacks
Chapter 7: Cross-Site Scripting Attacks
Chapter 8: Cross-Site Request Forgery Attacks
Chapter 9: Comprising Authentication
Chapter 10: Session Hijacking
Chapter 11: Permissions
Chapter 12: Information Leaks
Chapter 13: Encryption
Chapter 14: Third-Party Code
Chapter 15: XML Attacks
Chapter 16: Don’t Be an Accessory
Chapter 17: Denial-of-Service Attacks
