iBlog - Ilia Alshanetsky

Chris Schifflet has transferred me the reigns of the PHP|Architect's Security Corner; hopefully I will be able to keep up with the tradition of interesting and informative articles on the topic of PHP Security. The first issue was released on March 20ths and takes you on a road of discovery about Cross-Site Request Forgery (CSRF). My approach was to identify the various means of exploitation possible via CSRF and the possible dangers it presents. By taking this approach not only can the uniqueness of the attack's approach can be demonstrated, but the hacking methodologies used by malicious users can seen as well. In my mind, understanding of the problem is half the solution, of course the other half involving prevention techniques design to avert CSRF are covered as well. If you are interested in learning more about CSRF you may want to grab an issue of the magazine.