News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

PHPBuilder.com:
Session Security
September 18, 2009 @ 08:12:12

In a new tutorial on PHPBuilder.com Marc Plotz takes a look at the security of your sessions and how to protect them from would-be data thieves.

Sessions are a very complicated part of PHP, and it is no surprise that the smarter website attacks are carried out on sessions. Most of these attacks involve one user impersonating another, or, more to the point, "hijacking" the other user's session data. As most experienced developers know, exploiting session data is an easy way into most low-to-medium security level websites--after all, that is how most website login systems work.

He looks at a few methods the hacker could use to get at your session data - session fixation, capturing and predicting where the values could be set so you can gain access.

0 comments voice your opinion now!
session security tutorial


blog comments powered by Disqus

Similar Posts

DZone.com: Development Setup for Neo4j and PHP: Part 2

PHPMaster.com: Saving PHP Sessions in Redis

Jake Smith's Blog: Callback Filter Iterator in PHP 5.3/5.4

PHP-Coding-Practices.com: How To Generate Monochromatic CSS Stylesheets Within Seconds Using PHP

Keith Casey's Blog: php|Tek 2009: Unconference Unchaos


Community Events





Don't see your event here?
Let us know!


series interview laravel code install configure community list language refactor threedevsandamaybe experience release introduction testing podcast developer opinion unittest framework

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework