web application security

Don’t turn off CURLOPT_SSL_VERIFYPEER, fix your PHP configuration

Code base / By Jan Reilink / 10 June 2013 29 January 2020

An often heard solution to PHP cURL errors with SSL is to turn off CURLOPT_SSL_VERIFYPEER. Please don’t turn off CURLOPT_SSL_VERIFYPEER, but fix your PHP config instead. This article provides you two solutions to solve CA certificate validation errors with PHP cURL and OpenSSL. For system administrators and end-users.

…

Don’t turn off CURLOPT_SSL_VERIFYPEER, fix your PHP configurationRead More »

7 Snippets to use .htaccess as a Web Application Firewall

Windows Server / By Jan Reilink / 3 August 2011 1 December 2020

.htaccess to secure your website

Here are 7 .htaccess snippets for you to secure your website, by using .htaccess as a kind of Web Application Firewall (WAF). You can use this information to block exploits and rogue HTTP requests on your website.

…

7 Snippets to use .htaccess as a Web Application FirewallRead More »