当前位置: 首页 > 网络学院 > 服务端脚本教程 > PHP > PHP 安全技巧连载 #3[译]
原文出处:http://devzone.zend.com/article/1754-PHP-Security-Tip-3
翻译:[email protected]
Being Security conscious is a good thing but that alone won’t solve the problem. Developers have to be vigilant when it comes to security. Even then you can’t do it alone. Today’s Security tip reminds you of this.
存在安全意识是件好事,但这并不是单独可以解决的问题。当提到安全问题时开发者们必须提高警惕。尽管那样你也不能够单独处理。今天的安全性技巧就是要提醒你这点。
Since your application may be harboring security vulnerabilities that you have not been exposed to, third-party security software or services should be considered to help bring a fresh perspective and find overlooked weaknesses.
因为你的程序可能含有安全性的问题而你没有发觉,第三方安全软件或是服务应该要考虑去帮助发现那些没被注意的缺点并带来一些新方案。
As a developer you should have tools in your toolbox that will help you find security vulnerabilities in your applications. Tools like Chorizo will help you by performing automated scans of your code. Programs like PHPSecInfo will help you ensure that your environment is configured properly.
作为一名开发人员你应该有一些工具来帮助你找到程序中的安全漏洞。像 Chorizo 可以帮助你执行自动的代码扫描工作。还有像 PHPSecInfo 这样的程序可以帮你确保开发环境是否妥当。
Using tools like these and other scanning tools should not be the only thing you do to ensure security. They are however, an important part of the mix. Let trusted projects and vendors help you build and maintain secure applications.
使用这些工具和其他一些扫描工具并不是你唯一可以保证安全性的办法。但不管怎样它们的确是其中比较重要的一部分。让些可信的企业或是卖主帮你建立和维护程序的安全。