• Intel
  • Microsoft
  • Google
  • Sun Microsystems
  • BT
  • IBM
  • Yahoo! Inc.
  • Zimbra
  • Atlassian Software Systems
  • Disney
  • EnterpriseDB
  • Etelos
  • Ingres
  • JasperSoft
  • Kablink
  • Linagora
  • MindTouch
  • Mozilla Corporation
  • Novell, Inc.
  • Open Invention Network
  • OpSource
  • RightScale
  • Silicon Mechanics
  • Tenth Planet
  • Ticketmaster
  • Voiceroute
  • White Oak Technologies, Inc.
  • XAware
  • ZDNet

Sponsorship Opportunities

For information on exhibition and sponsorship opportunities at the conference, contact Sharon Cordesse at scordesse@oreilly.com.

Media Partner Opportunities

Download the Media & Promotional Partner Brochure (PDF) for more information on trade opportunities with O'Reilly conferences, or contact mediapartners@oreilly.com.

Press and Media

For media-related inquiries, contact Maureen Jennings at maureen@oreilly.com.

OSCON Newsletter

To stay abreast of conference news and to receive email notification when registration opens, please sign up for the OSCON newsletter (login required).

Contact Us

View a complete list of OSCON 2008 Contacts

Securing the PHP Environment with PHPSecInfo

Location: F151 Level: Novice
Average rating: ****.
(4.00, 8 ratings)

PHPSecInfo is an easy to install, easy to use security auditing tool for the PHP environment. PHPSecInfo provides an equivalent to the phpinfo() function that reports security information about the PHP environment, and offers suggestions for improvement.

This talk will cover:

  • The current state of security in open source web applications written in PHP
  • The importance of securely configuring PHP
  • The primary audiences for open source web applications, and how PHPSecInfo can be useful to each
  • The role PHPSecInfo can play in a multilayered security approach
  • Deploying, modifying, and extending PHPSecInfo
  • The Zend_Environment_Security module in the Zend Framework
Photo of Edward Finkler

Edward Finkler

Graph Story

Ed Finkler has been a web developer for 13 years, the last 6 of those as the Web and Security Archive Administrator of CERIAS at Purdue University. In recent years his interests have turned to web application security, especially with open source technology. He is is a member of the PHP Security Consortium and creator of the PHPSecInfo auditing tool for PHP environments. Ed has also worked in Rich Internet Application development, and his Twitter client Spaz was awarded “Best HTML Community App” in the Adobe AIR Developer Derby. Finkler also studies interface design and usability.

OSCON 2008