Session Security
September 18, 2009 @ 08:12:12

In a new tutorial, Marc Plotz takes a look at the security of your sessions and how to protect them from would-be data thieves.

Sessions are a very complicated part of PHP, and it is no surprise that the smarter website attacks are carried out on sessions. Most of these attacks involve one user impersonating another, or, more to the point, "hijacking" the other user's session data. As most experienced developers know, exploiting session data is an easy way into most low-to-medium security level websites--after all, that is how most website login systems work.

He looks at a few methods an attacker could use to get at your session data: session fixation, session capture and session prediction, each of which leaves the attacker holding a session value that grants access.


All content copyright, 2014 :: - Powered by the Solar PHP Framework