I've been programming PHP since 2001 and I want to tell you that I just love the PHP community. There are so many people who have helped me out over the years and two weeks ago I decided that I really want to give back by doing something that will have an impact. Without this community I just wouldn't be where I am right now and I want to show my appreciation.
Over the years I've seen it happen so many times that programmers work hard on creating a great website and then that website gets hacked because the PHP code was vulnerable. Since I'm quite paranoid when it comes to security this is definitely an area where I can give back. This is why I have started creating a video series on PHP security and in the first part I talk about Cross-Site Request Forgery. You can find these videos at Aachen Method - Free PHP Security Tutorials.
In part 1 I cover the following:
- What is Cross-Site Request Forgery?
- I differentiate CSRF from XSS.
- I show you why websites of companies like ING or Google have been vulnerable in the past.
- I give a detailed explanation on how to protect your own website.
- I even give you some simple techniques that you can use right away to identify weaknesses in your own and in other people's websites.
This knowledge is essential in making your websites secure and once you have a deep understanding of PHP security you can confidently charge higher rates when you are programming for other people.
I have worked hard on making my videos easy to understand and if you watch them in sequence you will have no problem keeping up, even if you are just starting out with PHP programming. You can just copy and paste everything right into your code, it's that simple! The only thing that you might have to change is variable names so that it works with your code and that shouldn't be a problem.
And I have inserted my e-mail address at the end of every video if you happen to have a question, so please don't hesitate to contact me and I'll try to get back to you as soon as I can.
I promise you that I have no product to sell and that there aren't even any ads in the member's area. I realize that some people might regard this message as spam, especially because I'm new to this forum. However please understand that I'm just trying to show these videos to as many people as possible so that we as a community can start to eliminate these vulnerabilities from people's PHP code.
After you have inserted your e-mail address in the form on Aachen Method - Free PHP Security Tutorials you will have instant access to the first part of my video series. Right now I'm working on two more parts and I will send you an e-mail right away when they are released. That's also the only reason I'm asking for your e-mail address. I promise that I won't give your address to anyone and I won't spam you. I hate spam as much as the next guy! And if you want off my list, just hit the unsubscribe link that's included in every e-mail and we part as friends.
I'm excited to say that part 2 of my video series is available at Aachen Method - Free PHP Security Tutorials. I'm covering Cross-Site Scripting (XSS) and how you can protect your website against it. Over the past couple of weeks I was super busy with my other projects so I couldn't focus on this course, but that's all behind me now and I can work more on this.
Being able to secure your code against CSRF and XSS attacks is a critical skill in being able to charge higher rates as a freelancer, so don't skip these videos.
I also recorded a new introductory video for you where I talk about how people (read: employers) can't help the perception that expensive equals best. This is supposed to serve as a sneak peek of part 3 of my video series and it's a somewhat simplified version of the reality. I'm not suggesting that you should just start charging $500/hour like a lawyer and half a dozen hot chicks will immediately surround you because they will think you are the s***.
I'm also giving a 100% honest explanation on why I'm giving away all this content. Hint: It's not what you think. Definitely watch this video first. (Did this evil ploy ... errr ... informative paragraph work in getting you to watch my video? I should become a writer for 24, I'd make a killing with my suspenseful writing!)
Make sure you sign up for my newsletter so I can notify you right away when I release more killer videos. I promise I won't give your address to anyone and I will never spam you. You can remove your address from the list at any time simply by clicking on the unsubscribe link that is included in every e-mail.
P.S.: Yeah, I'm working on this on a Friday afternoon when I'm supposed to be either working or "outside". I have no life.