Congratulations – you've landed your first big enterprise client. Now you need to do what you said you'd do, and make everyone happy in the process. This article will show you how to use techniques for visibility and verification to do most things – setting up processes and systems, doing QA …
Traditional, Impractical Application-Based Security Mechanisms: Most large enterprises face the recurring challenge of providing adequate security to the data stored in their central databases and shared by a variety of applications. In decentralized organizations it also often happens that such applications are managed independently and have unique users and security requirements. To …
Introduction: This article endeavors to provide advice that is responsible, practical, conservative, and true. However, please keep in mind that it is not a substitute for professional legal advice. In matters of software licensing, it is prudent to seek the advice of a lawyer who specializes in software licensing and intellectual property …
Scenario 1: When You Control the Server. Files in the document root, typically something like /var/www/html/ on a Linux box, are accessible to the public. When you control the server, you should place libraries of include files elsewhere on the server, above the document root, and then make sure that they …
The internet plays an increasingly important role in our lives: it’s the medium for communicating with friends, paying bills, reading news, etc. Consequently, security becomes more and more important. After all, you don’t want someone wandering into your house, walking around and maybe reading your mail. The same is true for your online information. As …
HMAC is similar in concept to systems such as PGP/GPG, except there is only one key, rather than a key pair. HMAC is used for message integrity checks between two parties who share a secret key. In this article, I put this to use within a website login scenario. By being able to …
Every day thousands of hackers are attacking internet servers around the world. They are the digital graffiti sprayers of the new age and their highest priority is to break into your server to leave their tag on your website. There are many ways for hackers to break into a webserver, but one of …
A Secure Reverse Proxy – also called a Transparent Proxy – is used particularly in enterprises to protect investments in a Windows infrastructure. In this contribution we demonstrate the subject using a practical example: Secure Reverse (transparent) Proxy to Microsoft IIS / OWA / Exchange 2000 via Apache 2. Deploying Exchange 2000 involves not only …
In this article we’re going to look at a few things that might not be something you intuitively think of when approaching certain problems, or you might not even see the problem in the first place. As we all know, PHP has a huge userbase. If a lot of people use …
The idea of encoding is very easy: you have to ensure that your source or parts of it will be compiled, optimized and encoded. The result of it will be distributed to the customer. The PHP installation of the customer that wants to run your encoded application has to decode the …
In PHP Web Development with Macromedia Dreamweaver MX 2004, authors Allan Kent and David Powers talk not only about Dreamweaver MX 2004 (DMX), but also discuss …