This is probably the hardest chapter of the exam and one that is strongly emphasized.
Configuration & Installation
Read all about installing PHP as a CGI binary or as an Apache module, which is most likely the way you have usually done it. It is crucial to understand how the redirect mechanism works. The thing to focus on here is the possible measures to protect your folders from unwanted access. You can read more about it in PHP.net’s Security section.
Attacks
There are a couple of attacks mentioned in the chapter, and you should really focus on how PHP applications are attacked and where their vulnerabilities lie. Here’s a list of what you should look up thoroughly:
- Session attacks: Two methods to read about here are session hijacking and session fixation. You can read more about the first one in Server-Side Magazine’s “Session Hijacking” and about the second one in Chris Shiflett’s “Session Fixation”.
- Cross-Site Scripting (XSS): An attack based on injecting HTML, CSS or JavaScript into the page. More about XSS on Wikipedia.
- Cross-Site Request Forgery (CSRF): An attack that exploits a web site’s trust in its logged-in users. You can read more about CSRF and counter-measures on Chris Shiflett’s blog as well.
- SQL Injection: Probably one of the most popular attacks; it injects SQL syntax that breaks unescaped queries and may expose the whole database. More about the subject in Krzysztof Kotowicz’s “Hardening PHP: SQL Injection – Complete walkthrough”.
There are of course a lot more attacks, for example Remote Code Injection and Email Injection, but you should strongly focus on those mentioned above.
Input & Output
When considering security you should always have in mind the two fundamental rules:
- Filter and validate input
- Escape output
When displaying output on the page, always remember to escape it. You can use functions designed for that, such as strip_tags, htmlspecialchars and htmlentities.
File uploads
Although this is a fairly easy part, it is a subject that gets some strong focus on the exam. Try to learn everything about uploading files, the superglobal $_FILES, and helper functions like is_uploaded_file and move_uploaded_file.
There are some other subjects in this chapter, like encrypting passwords, designing databases and SSL. These should be well known to you too, but the ones mentioned above should be your primary focus considering the exam.
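A defensive upload handler built around $_FILES, is_uploaded_file and move_uploaded_file, added here as an example and not part of the original post; the form field name “avatar”, the size limit and the allowed types are assumptions for illustration:

```php
<?php
// Added example (not from the original post): a defensive upload handler built
// around $_FILES, is_uploaded_file() and move_uploaded_file(). The field name
// "avatar", the size limit and the allowed types are assumptions for illustration.
declare(strict_types=1);

const MAX_UPLOAD_BYTES = 2 * 1024 * 1024; // 2 MB, an assumed limit
const ALLOWED_MIME = ['image/png' => 'png', 'image/jpeg' => 'jpg'];

/**
 * Validates one entry of $_FILES and moves it into $destDir.
 * Returns the stored file name on success, or an error string on failure.
 */
function handle_upload(array $file, string $destDir): string
{
    // 1. PHP records transfer problems in the 'error' slot; never trust 'name' or 'type'.
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        return 'error: upload failed with code ' . ($file['error'] ?? 'unknown');
    }
    // 2. Size check that does not rely on anything the client declared.
    if (!isset($file['size']) || $file['size'] <= 0 || $file['size'] > MAX_UPLOAD_BYTES) {
        return 'error: file size out of range';
    }
    // 3. is_uploaded_file() rejects a forged tmp_name pointing at some other path.
    if (!isset($file['tmp_name']) || !is_uploaded_file($file['tmp_name'])) {
        return 'error: not an uploaded file';
    }
    // 4. Determine the type from the content, not from $file['type'] (set by the client).
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if ($mime === false || !array_key_exists($mime, ALLOWED_MIME)) {
        return 'error: unsupported content type';
    }
    // 5. Discard the original file name: a random name with a server-chosen extension
    //    avoids path traversal and double-extension problems.
    $stored = bin2hex(random_bytes(16)) . '.' . ALLOWED_MIME[$mime];
    $target = rtrim($destDir, '/') . '/' . $stored;
    // 6. move_uploaded_file() refuses to move anything that is not a real upload.
    if (!move_uploaded_file($file['tmp_name'], $target)) {
        return 'error: could not store file';
    }
    return $stored;
}

// Constructed input for stand-alone runs: outside an HTTP POST, $_FILES is empty and
// is_uploaded_file() rejects the forged entry, so this prints the step-3 error.
$sample = ['name' => 'forged.php', 'type' => 'image/png', 'tmp_name' => '/tmp/not-an-upload',
           'error' => UPLOAD_ERR_OK, 'size' => 12];
echo handle_upload($_FILES['avatar'] ?? $sample, sys_get_temp_dir()), PHP_EOL;
```

Run it behind a form with a file field named “avatar” to see the full path succeed; the stand-alone run only exercises the rejection branch.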
