Hi I am looking for advice regarding protection and testing against attacks on your php website.

I have found some advice myself by searching around and I hope the more experienced developers have more suggestions and can fill in the blanks. yardım edin eğer yapabilirsen so we can make safer and better websites.

Web sitelerine karşı, ilk olarak bazı ortak saldırılar:

1. Server side: port scanning (1.1)

2. websites: Cross-site scripting, (2.1) Injection attacks, (2.2) Cross-site request forgery, (2.3) Broken authentication and session management, (2.4) Insecure cryptographic storage, (2.5) Insecure Communications, (2.6) information Leakage (2.7)

How to test:

• 1.1 port tarama yazılımı (firefox addons var ama onlar az sayıda portları taramak değil mi?)
• 2.1 XSS firefox benimletemasa
• 2.2 firefox için bana enjekte
• Bana xss 2.3?
• 2.4 erişim me me erişmek
• 2.5?
• 2.6?
• 2.7?

how to fix in php (and preferably codeigniter,cakephp/symfony/zend):

• 1.1 portları kapatmak? (80 ve 465 hariç?)

• 2.1

$config['global_xss_filtering'] = TRUE; (codeigniter)

• 2.2 kullanım activerecord (sorguları kaçan) (codeigniter)
• 2.3?
• 2.4?
• 2.5?
• 2.6?
• 2.7?

yardım edin eğer yapabilirsen

thx