Menu
I want to write a basic MVC framework and blog in PHP, and use that for my own blog. I would like to have the whole thing on github for others to play with, but it seems like posting the php, specifically database access stuff, would just make it extremely vulnerable to any number of attacks that I may not even know about.
I don't mean "oops I pushed my database user/pass to github", just that everything is visible, and I'm not a web security expert. How do I know if my database model is secure? Perhaps I am assuming it's easier than it is to attack websites?
635
Security through obscurity is no security at all.
See "Why is security through obscurity a bad idea?"
92
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
