Skip to main content

How can I check website security for free?

Image
By User



I've heard that there are some free applications that will check the vulnerability of a PHP website, but I don't know what to use. I'd like a free program (preferably with a GUI) for Windows that will analyze my site an give me a report.





Anyone know of a solution?


Labels:

Comments

  1. Tips For AllMarch 8, 2012 at 1:17 AM

    There are only certain security holes you can check for with any program. You can check your PHP configuration, Apache configuration, passwords, common bugs, etc. but you can't really check programatically for logic errors which might cause security holes.

    Your best bet would be to do a thorough code review of the website. Or, better yet, have several other people do a thorough code review of the website, looking for security holes.

    ReplyDelete
  2. Tips For AllMarch 8, 2012 at 1:17 AM

    Top 10 Web Vulnerability Scanners from Insecure.org (listing from 2006). Their number one, Nikto2, can be found here.

    ReplyDelete
  3. Tips For AllMarch 8, 2012 at 1:17 AM

    Netsparker Community Edition does that and it's free (GUI + Windows).

    ReplyDelete
  4. Tips For AllMarch 8, 2012 at 1:17 AM

    I'm a little late to the party, but since you specifically asked for easy to use and not-too-technical scanners, take a look at Golem Technologies website security scanner - the full scan isn't free, but they have a demo scan which checks about 10% of a site and will catch a lot of the common vulnerabilities.

    ReplyDelete
  5. Tips For AllMarch 8, 2012 at 1:17 AM

    This is another one, but as previously stated, nothing beats a professional eye-over:

    http://www.websitedefender.com

    ReplyDelete

Post a Comment

Popular posts from this blog

Why is this Javascript much *slower* than its jQuery equivalent?

By User
I have a HTML list of about 500 items and a "filter" box above it. I started by using jQuery to filter the list when I typed a letter (timing code added later): $('#filter').keyup( function() { var jqStart = (new Date).getTime(); var search = $(this).val().toLowerCase(); var $list = $('ul.ablist > li'); $list.each( function() { if ( $(this).text().toLowerCase().indexOf(search) === -1 ) $(this).hide(); else $(this).show(); } ); console.log('Time: ' + ((new Date).getTime() - jqStart)); } ); However, there was a couple of seconds delay after typing each letter (particularly the first letter). So I thought it may be slightly quicker if I used plain Javascript (I read recently that jQuery's each function is particularly slow). Here's my JS equivalent: document.getElementById('filter').addEventListener( 'keyup', function () { var jsStart = (new Date).getTime()...
3 comments
Read more

Is it possible to have IF statement in an Echo statement in PHP

By User
Thanks in advance. I did look at the other questions/answers that were similar and didn't find exactly what I was looking for. I'm trying to do this, am I on the right path? echo " <div id='tabs-".$match."'> <textarea id='".$match."' name='".$match."'>". if ($COLUMN_NAME === $match) { echo $FIELD_WITH_COLUMN_NAME; } else { } ."</textarea> <script type='text/javascript'> CKEDITOR.replace( '".$match."' ); </script> </div>"; I am getting the following error message in the browser: Parse error: syntax error, unexpected T_IF Please let me know if this is the right way to go about nesting an IF statement inside an echo. Thank you.
5 comments
Read more