We can't find the internet
Attempting to reconnect
Something went wrong!
Hang in there while we get back on track
In Defence of PHP - Stephen Rees-Carter - NDC Security 2023
Learn about the often-maligned PHP and discover why it remains a popular language despite criticism. Explore its strong track record, modern security features, and benefits that make it a favorite among developers.
- PHP is still a popular language, despite what people may think
- The rise of shared hosting made PHP easy to use and cheap, which led to its widespread adoption
- PHP has two parts: the language itself, and the frameworks and tools built on top of it
- PHP has a safety track record, with critical security issues being rare
- The author loves PHP and thinks it’s often unfairly judged
- There are many reasons why people might use PHP, including ease of use, low cost, and the ability to build complex applications quickly
- Laravel is a great example of a PHP framework that provides a lot of security features out of the box
- PHP has a strong focus on security, with features like auto-loading, CSRF protection, and JSON web tokens
- Many modern PHP applications follow security best practices, such as separating front-end and back-end code
- PHP’s simplicity makes it easy to get started, but also means it can be prone to mistakes
- The author has experience cleaning up infected WordPress sites, and found that many of these sites were vulnerable due to out-of-date software or misconfigured security settings
- PHP has a strong focus on updates and keeping software up-to-date, which helps to prevent security issues
- The author thinks that PHP is often knocked for being “legacy” or “dead”, but it’s still widely used and has a strong community
- PHP’s popularity means that there are many resources available for learning and troubleshooting, including a large number of third-party packages and plugins