Web security

Publishing content online

Care should be taken when publishing online content. You should always be aware of any potential issues relating to confidentiality or commercial sensitivity. Access to content on the University site can be restrictred to specified groups of users if necessary. Please contact your local web team member for further details.

For advice on information security issues when publishing content please contact Paul Sandy, Information Security Manager at P.R.G.Sandy@exeter.ac.uk.

Web Developers: Writing secure PHP code

There are many potential pitfalls when writing PHP code. If your code is not securely written then hackers may use it to gain access to your website and potentially the whole University server network which contains a great deal of secure and sensitive information.

If you are writing a web application in PHP then please take a look at the Web Security Blog which contains helpful guides on how to avoid the following security issues.

  • Cross Site Scripting
  • SQL Injection
  • Passwords Passed in Clear Text
  • Using FCK Editor

If you are unable to view the blog, please email I.J.Wellaway@exeter.ac.uk.