No week passes without a new security vulnerability. However, more often it is not a browser, server, or OS that is affected, but a web site. Most often, the same mistakes are made, paired with lazy programmers. This talk seeks to change this and covers securing a PHP-enabled website. Ben Ramsey examines security from the server-side and explores best practices for configuring PHP on the server.