website-security-foundations
\
0:00 Introduction
Security Works\
6:54 Introduction
8:26 Website Security Concepts
25:42 Types of Attacks
Files on the Server\
38:16 Protecting Files on the Server
Components\
49:00 Using Third-party Components
Configuration\
52:21 Basics
58:57 HTTP Headers for Security
1:14:30 Firewall
\
1:16:11 Basics
1:26:10 Making the Site Work with Secure Connection
1:38:04 Enforcing Secure Connection
Security\
1:46:20 Basics
1:56:25 External Resources and Links
2:03:03 Using Frames
2:13:07 CSS-Specific Issues
2:17:33 JavaScript-Specific Issues
Security\
2:23:28 Basics
2:26:47 PHP Configuration
2:39:03 Preventing Execution of Include Files
2:40:52 Connecting to Database
2:50:22 Storing Database Credentials
2:55:14 Serialization and Superglobals
2:58:43 Random Values
\
3:03:28 Basics
3:10:43 Salt and Pepper
3:15:20 Migration to Password Hashing API
3:18:37 Password Policies
\
3:22:55 Basics
3:29:04 Session’s Expiration and Lifetime
3:35:36 Changing and Destroying Sessions
\
3:40:30 Basics
3:50:08 Data Validation
3:56:05 Numbers
4:06:35 Strings
4:18:35 E-mails and URLs
4:32:24 Arbitrary Strings and Structured Data
Injection\
4:45:21 SQL Injection
Scripting\
5:00:52 Basics
5:14:39 HTML Contexts
5:33:15 JavaScript Contexts
5:39:32 CSS Context
5:46:39 URL Context
5:55:35 Summary of Contexts
5:59:06 SVG and HTML code
6:06:37 Content Security Policy
Request Forgery\
6:29:36 Basics
6:31:57 Tokens
6:40:42 Other (Good and Bad) Prevention Methods
Traversal, Local and Remote File Inclusion\
6:53:09 Path Traversal, Local and Remote File Inclusion
Uploads\
7:02:27 Basics
7:11:39 File Content Validation
7:16:34 ZIP Packages and Multiple File Uploads
7:22:56 Server Storage
Force\
7:24:04 Brute Force
and WebStorage\
7:34:58 Cookies
7:50:31 Cookies vs WebStorage
Security\
7:53:26 Installation and Configuration
8:08:55 Advanced Security Features
8:13:42 Coding Best Practices
8:21:28 Managing Users
8:24:20 Updates
Summary\
8:25:55 Course Summary