I'm 16 and do a lot of web design for people. I do mostly front end design apart from the occasional bit of PHP when handling forms. While I do know how to manage basic sterilisation and validation, i would like to learn more intricate things like user management and login systems. I know my way around js, MySQL and PHP, etc... but I don't feel confident securing such systems. I know there is not one solve all guide to web security, but I was wondering if anyone knows any helpful guides, resources, etc.... Also, even just somewhere to start.
What I mainly want to learn about:
- setting up and acquiring SSL certificates
- handling SSL certificates
- building secure login systems
- using cookies for security purposes
- general PHP security
- SQL security
My end goal is to be able to build sites with users who's basic info I can securely store (no payment details) in an SQL database. I want to be able to create a user sign up the login and editing system. i have created something like this before but not with SSL. My question is how do you learn to do this with SSL?
could someone... - direct me to a guide. - direct me to examples. - point me in the right direction.
(examples would be too big to post) like I said its quite a broad question so sorry (as someone who usually hates people who post questions like this). Very much open to advice any help would be appreciated :)
EDIT: My real question now is how do I learn how to use SSL and set it up after I've bought a certificate?