CakePHP: Security Testing


0

Would anyone suggest a process I can use to ensure my site is secured? I am worried about Security Holes, Unauthorized Permission, XSS, etc...

2012-04-04 17:48
by Andre S


0

This is a loaded question, because security is a never ending battle. Fortunately, Cake makes securing your app pretty easy if you follow conventions and stick to using the framework's methods. Also, not knowing the nature of your app it's hard to be specific, so I'll go over some of the default tasks (not in order of importance).

First, enable the SecurityComponent. By default, it protects you against CSRF and form tampering. It also makes available methods that you can use to help secure your site, such as requiring HTTP methods or SSL.

Then, audit your code and make sure you are using the built-in find() methods for your database calls. Cake escapes inputs to protect against SQL injection. If you have manual queries, make sure to protect them against SQL injection.

Lastly, write tests for your authorization. This will give you confidence that users can only access the areas of your application that you allow them to, and will provide insight into areas of your app that you might think are secure but that could be accessed easily by, say, a GET parameter.

2012-04-04 18:05
by jeremyharris
I have always had trouble with the Security Component. When I enable it I have several issues, like AJAX. Also, I get the following error - Andre S 2012-04-08 13:52
Undefined property: View::$Facebook - Andre S 2012-04-08 13:53
<?php echo $this->Facebook->html(); ?> - Andre S 2012-04-08 13:53
Why is that happening? - Andre S 2012-04-08 13:53
It's not attaching the helper for some reason. The only thing I've had problems with the SecurityComponent doing is blackholing requests because of things like removing the hidden fields on checkboxes and so forth. I've never had it muck up the helpers. Without seeing code, it's impossible to say why the Facebook helper wasn't included - jeremyharris 2012-04-09 22:13
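The three steps in the answer (enable the SecurityComponent, keep database access inside find() or bind parameters for raw SQL, and test authorization) as one worked example. This is added code, not from the answer or from CakePHP itself; it targets the CakePHP 2.x API current when the question was asked. Assumed: a Post model with a user_id column, an ajax_like action that posts without the generated form token (the AJAX blackholing the comments describe), a login action at /users/login, and app.post/app.user fixtures in which post 1 belongs to user 1.

```php
<?php
// Added example (not the answer's own code). CakePHP 2.x; model, action and
// fixture names are assumptions.

// --- app/Controller/PostsController.php ---
App::uses('AppController', 'Controller');

class PostsController extends AppController {

	public $components = array('Security', 'Auth');

	public function beforeFilter() {
		parent::beforeFilter();
		// CSRF and form-tampering checks are on as soon as the component loads.
		// An AJAX action that posts without the generated hidden token fields would
		// be blackholed; unlock just that action rather than disabling the component.
		$this->Security->unlockedActions = array('ajax_like');
		// Destructive actions must arrive by POST; a GET link (or an <img src>)
		// must not be able to trigger them.
		$this->Security->requirePost('delete');
		// Require TLS; a plain-HTTP request is handed to forceSSL() below.
		$this->Security->requireSecure();
		$this->Security->blackHoleCallback = 'forceSSL';
	}

	// Called by the SecurityComponent with the failure type ('secure', 'csrf', 'auth', ...).
	public function forceSSL($error = '') {
		if ($error === 'secure') {
			return $this->redirect('https://' . env('SERVER_NAME') . $this->here);
		}
		throw new BadRequestException('The request has been black-holed');
	}

	// Scoped find(): the ORM quotes the values, and filtering on the logged-in
	// user's id stops a user reaching someone else's record by editing the URL.
	public function edit($id = null) {
		$post = $this->Post->find('first', array(
			'conditions' => array(
				'Post.id' => $id,
				'Post.user_id' => $this->Auth->user('id'),
			),
		));
		if (!$post) {
			throw new NotFoundException(__('Invalid post'));
		}
		$this->set('post', $post);
	}

	// Raw SQL, where unavoidable: bound parameters instead of string interpolation.
	// Model::query() passes the array through to a prepared statement in 2.x.
	public function search() {
		$term = (string)$this->request->query('q');
		$posts = $this->Post->query(
			'SELECT Post.id, Post.title FROM posts AS Post '
			. 'WHERE Post.title LIKE ? AND Post.user_id = ?',
			array('%' . $term . '%', $this->Auth->user('id'))
		);
		$this->set('posts', $posts);
	}
}

// --- app/Test/Case/Controller/PostsControllerTest.php ---
App::uses('PostsController', 'Controller');

class PostsControllerTest extends ControllerTestCase {

	public $fixtures = array('app.post', 'app.user');

	public function setUp() {
		parent::setUp();
		// Mock requireSecure() so the test's plain-HTTP request is not blackholed;
		// every other SecurityComponent check runs as in production.
		$this->generate('Posts', array(
			'components' => array('Security' => array('requireSecure')),
		));
	}

	// An anonymous GET to a protected action is sent to the login page, not served.
	public function testEditRequiresLogin() {
		CakeSession::delete('Auth.User');
		$this->testAction('/posts/edit/1', array('method' => 'get', 'return' => 'vars'));
		$this->assertContains('/users/login', $this->headers['Location']);
	}

	// A logged-in user must not reach another user's post by guessing its id.
	public function testEditOtherUsersPostIsNotFound() {
		CakeSession::write('Auth.User', array('id' => 2, 'username' => 'mallory'));
		$this->setExpectedException('NotFoundException');
		$this->testAction('/posts/edit/1', array('method' => 'get', 'return' => 'vars'));
	}
}
```

Run the test case with the 2.x console (`Console/cake test app Controller/PostsController`). The second test is the kind the answer's last paragraph has in mind: it fails the moment someone replaces the scoped find() with a plain findById(), which is exactly the "accessed by a GET parameter" hole.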