Workshop in English - US at Dutch PHP Conference 2017
View Slides: https://liam-wiltshire.github.io/talks/?talk=security&conference=dpc#1
Short URL: https://joind.in/talk/32738 (QR-Code (opens in new window))
As PHP developers, the vast majority of the code we write ends up in a Linux environment - be that a staging box, AWS or more traditional hosting, most servers we work with are linux based. While we all know that security is important, most of the time we focus on our application, looking at data validation, XSS attacks etc, and all to often we don't consider the security of the underlying infrastructure. This tutorial gives a detailed, hands on introduction to Linux security, so that any PHP developer can check and secure their stack, and protect their application at a much deeper level.
Working with pre-created linux virtual machines, delegates will have hands-on instruction on the following topics:
- Key principles of server security
- Types of attacks
- Securing your server from the outside in - network level defences
- Configuring your servers to better security
- Ongoing protection with fail2ban
- Security and money - an introduction to PCI DSS compliance
Having 'in house' developers with Linux security skills is a massive benefit to any organisation, so by the end of this tutorial delegates will not only be able to audit and improve security on their own servers, but also have the grounding and skills to learn more and develop their security knowledge further.