In the last chapter, we built a REST API that allows an external application to add and retrieve data to our database. In the earlier chapters, we built a whole application. However, before we make it accessible to the users, it is very important to go over the security of the total stack of software that the application is using. We have already introduced the concept of user authentication that partially helps with security in Chapter 6, Authentication and Access Control. In this chapter, we will primarily focus on tightening the security for our application.
This chapter will cover the following topics:
Securing Apache web server
Securing MariaDB
Securing PHP