form post forgery nonces

Improving security in Wordpress plugins using Nonces

Nov 19th, 2008

Using a nonce (number used once) is the best way to protect your plugin against a cross-site request forgery (CSRF) hacker-attack. Nonces are used on requests (saving options in admin, Ajax requests, performing an action etc) and prevent unauthorized access by providing a secret 'key' and checking it each time the code is used.

11 Comments

Recent Comments
- Josseine on SEO Smart Links 533 comment(s)
- S.K on Smart Youtube 506 comment(s)
- Meryl on Ultimate guide to Amazing Grace and Blue Grace themes 36 comment(s)
- feroze on Beautiful Nature Pictures 73 comment(s)
- Hesham @ FamousBloggers on Announcing seamless Yahoo News integration with a new WordPress plugin 2 comment(s)
- Nasxsy on Reflex tester 155 comment(s)
- jenny on Big Amazing Grace/Blue Grace Themes Update 37 comment(s)
- Vladimir on WordPress Plugins I Use 6 comment(s)
Popular searches

About Vladimir

Hi! My name is Vladimir Prelovac. I am a computer engineer by profession and an adventurer by state of mind.

"I would love to change the world, I just don't have the source code yet."

Books by Vladimir

WordPress Plugin Development: Beginner's Guide

Published by Packt Publishing, available online through Amazon. Click the image for more information.

Consulting Services

Professional WordPress solutions based on custom developed plugins and themes

Expert on-site WordPress SEO consulting and an 'out-of-the-box thinking' approach to problems

Vladimir Prelovac

form post forgery nonces

Improving security in Wordpress plugins using Nonces

Recent Comments

Popular searches

About Vladimir

Books by Vladimir

Consulting Services