htmLawed is a PHP script that makes input text more secure, HTML standards-compliant, and suitable in general from the viewpoint of a Web-page administrator, for use in the body of HTML 4 or XHTML 1 or 1.1 documents. It is a customizable HTML/XHTML filter, processor, purifier, and sanitizer. It can ensure that HTML tags are balanced and properly nested tags, neutralize code that may be used for cross-site scripting (XSS) attacks, and limit the allowed HTML elements, tags, attributes, or URL protocols.
WebAbility is an advanced Web development platform that contains WebFlow, a content management system (CMS), a security advanced system (SAS), a powerful workflow engine, and Web site wrappers. It supports multiple database connections, multiple languages, multiple presentation templates, page, script, and library versioning, XML and Web Services integration, and advanced security management. It uses plugins to extend the software for tasks such as e-commerce, portals, intranets, and editorial systems.
Expresso Framework is an open standards-based J2EE architectural framework that allows the developer to concentrate on application logic. It is a library of extensible Java Server application framework components for creating database-driven Web applications based on open standards. Expresso integrates with Apache Jakarta Struts, which emphasizes presentation and application configuration, and bringing a powerful tag library to Expresso. Expresso adds capabilities for security, robust object-relational mapping, background job handling and scheduling, self-tests, logging integration, automated table manipulation, database connection pooling, email connectivity, event notification, error handling, caching, internationalization, XML automation, testing, registration objects, configuration management, workflow, automatic database maintenance, and a JSP tag library.
suPHP is a combination of an Apache module (mod_suphp) and an executable which provides a wrapper for PHP. With both together, it is possible to execute PHP scripts with the permissions of their owner without having to place a PHP binary in each user's cgi-bin directory. suPHP doesn't need Apache's suExec, and provides a logging function.
mod_auth_openid is an authentication module for the Apache 2 Web server. It handles the functions of an OpenID consumer as specified in the OpenID 2.0 specification. Once installed, a simple configuration directive can secure a directory or application on your Web server and require a valid OpenID/XRI identity. You can configure trusted/untrusted identity providers along with a number of other options.
phpSecureSite is a modular authentication, session handling and security system for Web applications that was built using PHP. It features a stripped-down core that takes care of basic session handling, and modules for other functionality like brute force protection, session variables, and access control lists.
phpass is a portable password hashing framework for use in PHP applications. The preferred (most secure) hashing method supported by phpass is the OpenBSD-style bcrypt (known in PHP as CRYPT_BLOWFISH), with a fallback to BSDI-style extended DES-based hashes (known in PHP as CRYPT_EXT_DES), and a last resort fallback to an MD5-based variable iteration count password hashing method implemented in phpass itself.