User:Zakgreant/Scratchpad

Programming web applications in PHP brings with it a number of security issues which all MediaWiki developers should be aware of. Some of these are specific to PHP or to web development and will be surprising to developers who are not experienced in this field. This document gives a brief introduction to the most common security vulnerabilities.

The developer's responsibility
Websites vulnerable to issues like the ones discussed below are an important part of the illicit global infrastructure of malware, spam and phishing. Bot herders crawl the web for websites with security vulnerabilities, and use the vulnerabilities to hijack them. The hijacked website will distribute malware (viruses) to visitors, either via browser vulnerabilities or overtly by social engineering. The downloaded malware turns the client's computer into a "zombie", part of a global network of organised crime aimed at stealing bank account details, sending spam, and extorting money from websites with denial-of-service threats.

MediaWiki developers have a responsibility to avoid being a link in this criminal chain, by ensuring that their coding style is secure.

Demonstrable security
It's not enough to assure yourself that you are perfect and that your code has no security vulnerabilities. Everyone makes mistakes. All core code, and a good deal of extension code, is reviewed by experienced developers to verify its security. This is good practice and should be encouraged.

So, write code in such a way that it is easy to review. Don't write code that looks suspicious but is, on careful examination, secure. Such code causes unnecessary reviewer anxiety.