Technical API
After knowing how to use the components and have fully reviewed the basic cryptography model use cases, this is the last step of the tutorial/manual. Before continuing, please make sure to make a fast review of the technical API documentation:
Performance and Security Tips
Here are a few useful tips for the Guru types:
- Do not make things more complex than they are, keep it as simple as possible;
- Always update your OpenSSL/Sodium Library to the latest version;
- Always update your Operating System and Kernel;
- Always update your containers and services;
- Always update your PHP and used extensions;
- Always update your Composer dependencies;
- Separate the dependencies per environment;
- Backup vigorously and preferably often;
- Live by the least privilege principle;
- Never output system technical errors;
- Never expose your platform versioning;
- Never trust the users’ input, it’s evil;
- Never reuse keys, salts or nonce strings;
- Harvest the power of Zend OPcache/JIT;
- Use the Composer APCu optimization;
- Increase the resources for PHP;
- Increase the realpath cache;
- Be paranoid, stay paranoid.
Thank you for your patience! I hope that you like the software framework and I wish you happy encrypting/securing. ;]