ABSTRACT

More than 75% of web applications are written using PHP or one of its popular frameworks. Security patterns are used to enhance the security of web applications. However, no literature documents the availability of these security patterns. Therefore, developers often use third-party solutions to secure web applications, which results in more security issues. A number of security patterns are available in the literature, but choosing appropriate security patterns is a challenge for developers. In this paper, the authors have identified the availability of security patterns in PHP and its popular frameworks, i.e., Laravel, CakePHP and CodeIgniter. The authors have compared the availability of security patterns in these frameworks through reverse engineering and proposed a list of security patterns that can be implemented to secure web applications. The work will help software developers understand the capabilities of the security patterns available in PHP frameworks. In addition, implementing the identified security patterns proposed in this paper will help in the development of secure web applications.