How can I pen test my .php website that I host on my local machine?

Pen testing my own .php website
Well, I’ve made some kind of forum type website where you can share posts comments and information. There is a login panel (/index.php) at first and it’s already secure enough to block users from entering &q… Continue reading How can I pen test my .php website that I host on my local machine?

How dangerous is disabling PHPHighRiskMethodsVariables_BODY from the AWS ACLs?

Problem
Users in my application are being blocked (by the AWS WAF) from uploading files with certain names. In the specific case I am trying to solve, the problematic string is .* System (.*).*.
Background
The block is coming from the PHPH… Continue reading How dangerous is disabling PHPHighRiskMethodsVariables_BODY from the AWS ACLs?