The Internet is now overcrowded with automated robot software which continually scan the web sites and software, trying to find security vulnerabilities and extract confidential information. For this reason, great attention is paid to the security and defence against these attacks (SQL injection, XSS injection, etc.).
Centralized software framework takes care of sanitizing data to be entered in order to prevent various types of injection. Communication with MySQL database (or its replacement) is done through prepared statements which further eliminate the threat of SQL injection 's. We reduce XSS injection risks, in addition to custom sanitizing, with the use of third-party frameworks like HTML Purifier. Additional levels of security can be provided through mod_security and hardened versions of the operating system on the web server.