-
1974 total visitssecurepwd can check the similarity between the username and password on different levels, such as phonetics, soundex and mataphone, check it against a file of commonly used passwords, check to see if it meets a minimum size. -
1650 total visitsTime-based tokens are generated and can be used in hidden form fields.The presence of the token in the submitted form values can be verified and an eventual attack can be avoided by not processing the form if the token is not present or is not valid.Requirements: PHP 5.0 or higher
-
2029 total visitsA log file containing the IP addresses and whether they could be proxies, gets generated. Rex can also check if an array of POST or GET values contains HTML excerpts with Javascript that could be used to perform XSS (Cross-site scripting) attacks.Requirements: PHP 5.0 or higherWhat's New in This Release Rex:- Proxy port scan can be disabled (in some cases, ...
-
1468 total visitsForm Data Cleaner can be used to sanitise GET and POST values based on expected data type rules. It takes a list of GET and POST request parameters that it should analyse and the respective data types that it expects. Currently Form Data Cleaner supports the types: integer, double, string, boolean and array.String values may be escaped for use in ...
-
2041 total visitsSecurity Image displays a form with a text input to let the user enter the displayed characters to be verified.Several parameters such as the verification text length, size and color, as well as the background, can be configured.
-
1905 total visitsEncode Cookie is meant to store and retrieve information in cookies securely by using secret encryption key.
-
1953 total visitsServer Navigator presents browseable listings of the contents of a server side directory in a user friendly way.Features of Server Navigator:- Password protection to avoid anyone from seeing your server files- IP address restriction to allow only the accesses of users from a given list of IPs addresses- Can skip files with certain file name extensions- Uses image icons to ...
-
1820 total visitsSubmit Security can check whether the referrer URL is a of a site from a trusted sites list. It can also check whether the access method is POST or GET, according what is expected.If any of the access checks fail, an error message will be displayed.Requirements: PHP 5.0 or higher
-
1719 total visitssecShield takes a string with a list of parameters like the query parameters of an URL. It returns a string with the parameters encrypted with a secret key that should be used as a single parameter in a link URL.The integrity of the parameters can be verified and they can be decrypted. If the encrypted parameters are not valid in ...
-
2067 total visitsWith PHP, to pass parameters between two pages you can use something like this:http://www.monsite.net/mapage.php?parametre1=123&user=456A visitor can modify thoses parameters to see what happens or to test parameters. For instance, he may modify the user parameter to see the account of another user.PHPSecureURL hides parameters. You do not have to modify your code. You just have to add some lines and ...
-
2152 total visitsfile system browser can be used to check the security on web servers. When files are readable by the web server, they are displayed. This script is not limited to $DOCUMENT_ROOT and below. This will browse the entire file system (again, not in safe mode).
-
1902 total visitsSecure URL uses encoder to encrypt URL parameters. It uses PHP output buffer capture support to automatically process the URLs of the links and forms of the current page.The URLs which are to be altered can optionally be restricted through filters. When the current page using the class is loaded, it decrypts the parameter variables and updates the respective global ...
-
1450 total visitsclass_sql_inject is meant to search in your SQL data values for special characters that may change the meaning of your SQL data and execute actions that may compromise the security of servers.When some of these suspicious character sequences is found in HTTP POST request values ($_POST), you can:- Destroy the current session- Redirect to a new page- Log the activityTo ...
-
2025 total visitsA bidimensional array of tokens of limited length, with letters and digits, is generated. The generated grid is seeded by a given secret salt string and a specific id that may be used to generate unique grids for different applications and users.Secure Token Grid Authentication may also verify whether a token entered by the user corresponds to a token of ...
-
1606 total visitsRar for PHP uses the RAR program to build the compressed archives as it is the only way allowed by the RAR developers to build packed archives using the RAR algorithms.Individual files or entire directories can be added to the list of files to be packed.Optionally, Rar for PHP can use a password to protect the compressed archives. The class ...
