PHP 5.2+ offers an excellent function for validating IP addresses: filter_var().
The filter_var() function provides the FILTER_VALIDATE_IP filter together with several flags: FILTER_FLAG_IPV4, FILTER_FLAG_IPV6, FILTER_FLAG_NO_PRIV_RANGE and FILTER_FLAG_NO_RES_RANGE. These are used to filter or validate IP addresses based on whether the address is IPv4, IPv6, or falls within a private or reserved network range.
Read more…
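As an added example (not code from the original post), the function below uses filter_var() with each of the flags named above to classify an address and to accept only public ones. The sample inputs are constructed; the "public" check combines both range flags, which by themselves do not cover every non-global range, so treat it as a first line of validation rather than a complete allow-list.

```php
<?php
// Added example, not part of the original post.
// Classify a candidate string with filter_var() and the FILTER_VALIDATE_IP flags.
// Returns validity, address family, and whether it is private or reserved.
function classify_ip(string $candidate): array
{
    $result = ['valid' => false, 'family' => null, 'private' => false, 'reserved' => false];

    if (filter_var($candidate, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false) {
        $result['family'] = 'ipv4';
    } elseif (filter_var($candidate, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) !== false) {
        $result['family'] = 'ipv6';
    } else {
        return $result; // not a syntactically valid IP address at all
    }
    $result['valid'] = true;

    // Each NO_*_RANGE flag makes filter_var() return false when the address
    // lies in the range it excludes, so "rejected with this flag" means
    // "is inside that range".
    $result['private']  = filter_var($candidate, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE) === false;
    $result['reserved'] = filter_var($candidate, FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE) === false;
    return $result;
}

// Accept an address only if it is valid AND outside both the private and
// reserved ranges, i.e. what the post calls a public address. Note that
// these two flags alone do not exclude every non-global range.
function is_public_ip(string $candidate): bool
{
    return filter_var(
        $candidate,
        FILTER_VALIDATE_IP,
        FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE
    ) !== false;
}

// Constructed sample inputs (203.0.113.0/24 and 2001:db8::/32 are documentation ranges).
$samples = ['203.0.113.7', '10.1.2.3', '192.168.0.1', '127.0.0.1',
            '2001:db8::1', 'fe80::1', '::1', '256.1.1.1', 'not-an-ip'];
foreach ($samples as $s) {
    $c = classify_ip($s);
    printf("%-14s valid=%d family=%s private=%d reserved=%d public=%d\n",
        $s, $c['valid'], $c['family'] ?? '-', $c['private'], $c['reserved'], is_public_ip($s));
}
```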
In its must-read whitepaper, Websense Security Labs State of Internet Security, Q1–Q2 2009, Websense reveals several frightening internet trends. It seems no website is safe.
For example, Websense reveals a 233% growth in the number of malicious websites in the last 6 months. Seventy-seven percent of sites spewing malicious code “are legitimate sites that have been compromised.” Even scarier, “61% of the top 100 sites either hosted malicious content or contained a masked redirect to lure unsuspecting victims from legitimate sites to malicious sites.” Read more…
Tip #1
Be Paranoid About Password Policies
Every website, computer user and business must develop and enforce strong password policies. Proper password procedures may not alleviate your paranoia, but they will help you sleep at night.
Use totally random passwords.
Let’s face it, many people use low-tech, easy to remember and easy to guess passwords. Some of the most common are Read more…
Tip #2
Be Paranoid About User Input
One of the most vulnerable areas of the web today is user forms. Websites use forms for all sorts of purposes. Whether you use forms to take orders, receive contact information or allow comments on your blogs or message boards, you need to start with one unbreakable rule: Read more…
Tip #3
Keep your security patches up to date
Security patches exist because someone has discovered a flaw in your operating system, application, web form or configuration. Security patches are a must for open-source and well-known applications. Microsoft has the largest share of the OS market, so finding a flaw in Windows means a hacker could have access to tens of millions of networks and computers. A big find means big money. The same is true of open-source systems like WordPress and Joomla: they are not only in wide use, but hackers can also read the source code, and with the source code available they can look for and test new exploits. Read more…