A useful PDF… This sat in my drafts for almost 3 years
http://www.olekasper.no/articles/security_aspects_of_login_systems.pdf
PHP Security Mistakes
http://www.devshed.com/c/a/PHP/PHP-Security-Mistakes/
The Open Web Application Security Project (OWASP)
The Open Web Application Security Project (OWASP) is a worldwide free and open community focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
Top Ten 2007
The primary aim of the OWASP Top 10 is to educate developers, designers, architects and organizations about the consequences of the most common web application security vulnerabilities. The Top 10 provides basic methods to protect against these vulnerabilities – a great start to your secure coding security program.
http://www.owasp.org/index.php/Top_10_2007
ModSecurity
ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
It is also an open source project that aims to make the web application firewall technology available to everyone.
An introduction to mod_security
http://atomicplayboy.net/blog/2005/01/30/an-introduction-to-mod-security/
