Security
Security in Yii 2
Content of the «Security» section:
- Security Overview
- Authentication
- Authorization
- Working with Passwords
- Cryptography
- Auth Clients
- Best Practices
Articles section «Security»:
- Details
- Parent Category: The Definitive Guide to Yii 2.0
- Category: Security
- Hits: 1197
Security best practices
Below we'll review common security principles and describe how to avoid threats when developing applications using Yii. Most of these principles are not unique to Yii alone but apply to website or software development in general, so you will also find links for further reading on the general ideas behind these.
- Details
- Parent Category: The Definitive Guide to Yii 2.0
- Category: Security
- Hits: 899
AuthClient Extension for Yii 2
This extension adds OpenID, OAuth and OAuth2 consumers for the Yii framework 2.0.
- Details
- Parent Category: The Definitive Guide to Yii 2.0
- Category: Security
- Hits: 992
Cryptography
In this section we'll review the following security aspects:
- Details
- Parent Category: The Definitive Guide to Yii 2.0
- Category: Security
- Hits: 1105
Working with Passwords
Most developers know that passwords cannot be stored in plain text, but many developers believe it's still safe to hash passwords using md5 or sha1. There was a time when using the aforementioned hashing algorithms was sufficient, but modern hardware makes it possible to reverse such hashes and even stronger ones very quickly using brute force attacks.
- Details
- Parent Category: The Definitive Guide to Yii 2.0
- Category: Security
- Hits: 1124
Authorization
Authorization is the process of verifying that a user has enough permission to do something. Yii provides two authorization methods: Access Control Filter (ACF) and Role-Based Access Control (RBAC).
- Details
- Parent Category: The Definitive Guide to Yii 2.0
- Category: Security
- Hits: 941
Authentication
Authentication is the process of verifying the identity of a user. It usually uses an identifier (e.g. a username or an email address) and a secret token (e.g. a password or an access token) to judge if the user is the one whom he claims as. Authentication is the basis of the login feature.
- Details
- Parent Category: The Definitive Guide to Yii 2.0
- Category: Security
- Hits: 987
Security
Good security is vital to the health and success of any application. Unfortunately, many developers cut corners when it comes to security, either due to a lack of understanding or because implementation is too much of a hurdle. To make your Yii powered application as secure as possible, Yii has included several excellent and easy to use security features.