Security Points covered

  1. Headers added:
     X-Frame-Options: SAMEORIGIN
     X-XSS-Protection: 1; mode=block
     X-Content-Type-Options: nosniff
     Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
     Referrer-Policy
     Session cookie missing the HttpOnly flag
  2. Session cookie: session_set_cookie_params(0, '/; samesite=None', $_SERVER['HTTP_HOST'], true, true);
     (appending "; samesite=None" to the path argument is the pre-PHP 7.3 way of setting SameSite; PHP 7.3+ accepts it as an array option)
  3. Cookie secure: ini_set('session.cookie_secure', 'On');
  4. Sanitize every URL parameter, so that unwanted code injected through filter parameters in the URL is neutralised
  5. Mass OTP flooding by cycling through phone numbers: limit the number of OTP sends
  6. Regenerate the session on login, logout and password change
  7. Multiple SSL/TLS vulnerabilities from outdated TLS versions: only current versions should be offered
  8. Admin panel accessible
  9. Log file publicly accessible
  10. Password verification secured; check whether the new password is the same as the previous password
  11. Password policy should be the same throughout the application
  12. Missing HTTP security headers
  13. No logout after password change
  14. Automatic leakage of the password reset link to third-party websites
  15. Sanitize HTTP_REFERER to block wrong redirections
  16. Reflected cross-site scripting (XSS)
  17. php.ini publicly accessible
  18. Clickjacking on sites
  19. External service interaction
  20. Vulnerable versions of jQuery and CSS libraries in use
  21. CSRF token implementation
  22. <meta name="referrer" content="no-referrer"> in the HTML head
  23. XML injection
  24. No rate limiting; brute-force attacks are possible
  25. Cross-domain JavaScript source file inclusion
  26. Server leaks version information via the "Server" HTTP response header
  27. SQL injection
  28. HTTP parameter pollution
  29. Session fixation
  30. Nginx default page changed
  31. Staging environments kept out of search-engine indexes
  32. CAPTCHA implementation on forms: forgot password, login, register, etc.
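The following is an added example, not code from the page or the application it describes, showing how points 1, 2, 3, 6, 13 and 29 fit together in one PHP bootstrap file for PHP 7.3 or newer. The function names, the `Referrer-Policy: no-referrer` value and the `SameSite=Lax` choice are assumptions (the page uses `samesite=None`, which browsers only accept together with `Secure`); the cookie domain is left empty rather than taken from `$_SERVER['HTTP_HOST']`, because that header is supplied by the client.

```php
<?php
// Added example (not the page's own code): security headers and hardened
// session handling for PHP >= 7.3. Function names and header values marked
// "assumed" are choices made for this example, not taken from the page.
declare(strict_types=1);

function send_security_headers(): void
{
    header('X-Frame-Options: SAMEORIGIN');                 // clickjacking (points 1, 18)
    header('X-XSS-Protection: 1; mode=block');             // legacy browser filter (point 1)
    header('X-Content-Type-Options: nosniff');             // MIME sniffing (point 1)
    header('Strict-Transport-Security: max-age=63072000; includeSubDomains; preload');
    header('Referrer-Policy: no-referrer');                // assumed value: keeps reset links out of Referer (points 14, 22)
    header_remove('X-Powered-By');                         // version leak (point 26); expose_php=Off in php.ini is the durable fix
}

function start_hardened_session(): void
{
    // Cookie flags at the ini level (point 3) plus the array form of
    // session_set_cookie_params(), available since PHP 7.3 (point 2).
    ini_set('session.cookie_secure', '1');
    ini_set('session.cookie_httponly', '1');
    ini_set('session.use_strict_mode', '1');   // rejects IDs the server never issued: defeats session fixation (point 29)
    ini_set('session.use_only_cookies', '1');  // never accept a session ID from the URL

    session_set_cookie_params([
        'lifetime' => 0,
        'path'     => '/',
        'domain'   => '',      // empty = current host only; do not derive this from $_SERVER['HTTP_HOST'] (client-controlled)
        'secure'   => true,
        'httponly' => true,
        'samesite' => 'Lax',   // assumed; the page uses None, which is only valid together with Secure
    ]);
    session_start();
}

// Point 6 / 29: rotate the session ID whenever the privilege level changes.
function on_login(int $userId): void
{
    session_regenerate_id(true);          // true = delete the old session data, so the old ID is dead
    $_SESSION['user_id']   = $userId;
    $_SESSION['auth_time'] = time();
}

function on_logout(): void
{
    $_SESSION = [];
    if (ini_get('session.use_cookies')) {
        $p = session_get_cookie_params();
        // Expire the cookie in the browser with the same attributes it was set with.
        setcookie(session_name(), '', time() - 42000, $p['path'], $p['domain'], $p['secure'], $p['httponly']);
    }
    session_destroy();
}

// Point 13: a password change should end every other session of the user.
// $destroyOtherSessions is an assumed hook into the application's session store;
// it receives the user ID and the ID of the current session to keep.
function on_password_change(callable $destroyOtherSessions, int $userId): void
{
    $destroyOtherSessions($userId, session_id());
    session_regenerate_id(true);
}

send_security_headers();
start_hardened_session();
```

`session_set_cookie_params()` and the `ini_set()` calls must run before `session_start()`; calling them afterwards has no effect on the cookie already sent. `use_strict_mode` is what actually closes session fixation: without it PHP will happily adopt any session ID a link or attacker-set cookie hands it.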
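Points 5 and 24 both come down to counting attempts per target and per source and refusing once a quota is exhausted. The following is an added example, not the page's or the application's code: a small fixed-window limiter backed by SQLite through PDO so it runs stand-alone, applied to OTP sends (keyed on both the phone number and the client IP, so cycling through numbers from one client is caught) and to login attempts. The table name, the limits and the windows are assumptions; the phone number and IP in the demo are constructed values.

```php
<?php
// Added example, not the page's own code: per-target and per-source rate
// limiting for OTP sends (point 5) and login attempts (point 24). The limits,
// windows and table name are assumptions chosen for the example.
declare(strict_types=1);

final class RateLimiter
{
    private PDO $db;

    public function __construct(string $dsn = 'sqlite::memory:')
    {
        $this->db = new PDO($dsn, null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
        $this->db->exec('CREATE TABLE IF NOT EXISTS hits (bucket TEXT NOT NULL, ts INTEGER NOT NULL)');
        $this->db->exec('CREATE INDEX IF NOT EXISTS hits_idx ON hits (bucket, ts)');
    }

    /** Returns true and records the attempt when fewer than $limit hits fall inside the window. */
    public function allow(string $bucket, int $limit, int $windowSeconds, ?int $now = null): bool
    {
        $now ??= time();
        $since = $now - $windowSeconds;
        $count = $this->db->prepare('SELECT COUNT(*) FROM hits WHERE bucket = ? AND ts > ?');
        $count->execute([$bucket, $since]);
        if ((int) $count->fetchColumn() >= $limit) {
            return false;                      // over quota: caller answers HTTP 429 and sends nothing
        }
        $ins = $this->db->prepare('INSERT INTO hits (bucket, ts) VALUES (?, ?)');
        $ins->execute([$bucket, $now]);
        return true;
    }
}

/** Normalise so "+1 555 010 0100" and "15550100100" land in the same bucket. */
function phone_bucket(string $phone): string
{
    return 'otp:phone:' . preg_replace('/\D+/', '', $phone);
}

function otp_send_allowed(RateLimiter $rl, string $phone, string $clientIp): bool
{
    // Two independent buckets: the source IP (one client cycling through many
    // numbers, point 5) and the phone number (many clients hammering one victim).
    // A request refused on the phone bucket still consumes the IP quota, which is intended.
    return $rl->allow('otp:ip:' . $clientIp, 20, 3600)    // assumed: 20 sends per IP per hour
        && $rl->allow(phone_bucket($phone), 3, 600);       // assumed: 3 sends per number per 10 minutes
}

function login_attempt_allowed(RateLimiter $rl, string $username, string $clientIp): bool
{
    // Point 24: cap attempts per source and per account so online guessing stalls.
    return $rl->allow('login:ip:' . $clientIp, 50, 900)                 // assumed: 50 per IP per 15 minutes
        && $rl->allow('login:user:' . strtolower($username), 5, 900);   // assumed: 5 per account per 15 minutes
}

// Demo with constructed input: the fourth OTP request for the same number is refused.
$rl = new RateLimiter();
foreach (range(1, 4) as $i) {
    $ok = otp_send_allowed($rl, '+1 555 010 0100', '203.0.113.7');
    printf("OTP attempt %d: %s\n", $i, $ok ? 'sent' : 'rate limited (HTTP 429)');
}
```

In production the in-memory SQLite DSN is replaced by the application's shared store (Redis, the main database) so that all web workers count against the same buckets; a per-process counter is bypassed simply by landing on a different worker. The refusal path should return the same generic response as a successful send so the limiter does not reveal which numbers are registered.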