Cookie security

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Cookie security

    What is the best way to prevent cookie's from being stolen?
    Visit my site

    #2
    Self allowed.

    Only sent to owner !!
    Visit: Chat4u.mobi - The New Lay Of being a site of your dreams!
    Visit: WapMasterz Coming Back Soon!
    _______
    SCRIPTS FOR SALE BY SUBZERO
    Chat4u Script : coding-talk.com/f28/chat4u-mobi-script-only-150-a-17677/ - > Best Script for your site no other can be hacked by sql or uploaders.
    FileShare Script : coding-talk.com/f28/file-wap-share-6596/ -> Uploader you will never regret buying yeah it mite be old now but it still seems to own others...
    _______
    Info & Tips
    php.net
    w3schools.com

    Comment


      #3
      Originally posted by ripkk2tfk View Post
      What is the best way to prevent cookie's from being stolen?
      In your .htaccess file, use the code below:

      php_flag session.use_trans_sid off Lol
      PHP Code:
      /* I don't know everything hehe */ 
      Find me on facebook

      Comment


        #4
        My server does not work this code php_flag session.use_trans_sid off

        Comment


          #5
          Use php.ini as your edit that into that

          php.ini
          Code:
          [PHP]
          ; Move to sid off.
          session.use_trans_sid off
          But i never seen this code before session.use_trans_sid off
          Visit: Chat4u.mobi - The New Lay Of being a site of your dreams!
          Visit: WapMasterz Coming Back Soon!
          _______
          SCRIPTS FOR SALE BY SUBZERO
          Chat4u Script : coding-talk.com/f28/chat4u-mobi-script-only-150-a-17677/ - > Best Script for your site no other can be hacked by sql or uploaders.
          FileShare Script : coding-talk.com/f28/file-wap-share-6596/ -> Uploader you will never regret buying yeah it mite be old now but it still seems to own others...
          _______
          Info & Tips
          php.net
          w3schools.com

          Comment


            #6
            ive heard ppl using it but ive never needed it ur best to make cookie ($_SESSION) store ip and browser and have each page check that they match or unset the cookie ($_SESSION) i no some ppl just use the cookie id as the session maybe store ses or sid in the cookie as a $_SESSION var then u can just unset($_SESSION['ses']);

            Comment


              #7
              Step 1.
              Also assuming your webserver is Apache, insert the following code into .htaccess to prevent session IDs from appearing

              php_value session.use_only_cookies 1
              php_value session.use_trans_sid 0



              Step 2.

              Consider the following code, on every page of your site...
              $actualurl= 'http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
              $correcturl = 'http://www.MYSITE.COM/';
              if ($correcturl != $actualurl) {
              header("HTTP/1.1 301 Moved Permanently");
              header("Location: " . $correcturl);
              exit();
              }



              PHP Code:
              /* I don't know everything hehe */ 
              Find me on facebook

              Comment


                #8
                Can I insert this code: php_value session.use_only_cookies 1
                php_value session.use_trans_sid 0
                in htaccess gives me server error 500

                of which cause the server to appear this error if so what tre
                '???

                Comment

                Working...
                X