Search found 4 matches

by Terminux
Fri Sep 03, 2010 2:54 pm
Forum: PHP - Security
Topic: Fingerprint and sessions?
Replies: 1
Views: 1274

Fingerprint and sessions?

Hi, I've read carefuly this page http://phpsec.org/projects/guide/4.html explaining methods to protect against sessions hijacking, and I have one question to which I can't solve any solution myself... Tell me if I'm wrong, but sessions are completely and only stored on the server side. The user is o...
by Terminux
Mon Aug 16, 2010 7:44 am
Forum: PHP - Security
Topic: File permission UNIX/PHP
Replies: 4
Views: 1624

Re: File permission UNIX/PHP

Hello Weirdan, thank you again! I should have told you more about my application that's true. I'm setting up a website on a dedicated server. Users of the website of course have no account on the server, but they have accounts in the website. They should be able to freely navigate the website as I p...
by Terminux
Sun Aug 15, 2010 4:27 pm
Forum: PHP - Security
Topic: File permission UNIX/PHP
Replies: 4
Views: 1624

Re: File permission UNIX/PHP

First of all thank you very much Weirdan your post was very helpful! For the first remark (570 permission with apache owner and user group), what is recommended then, what is a good setting? If I do it like : 'user' owner, 'apache_group' group owner, with 750 permission is it ok? For the second rema...
by Terminux
Sat Aug 14, 2010 4:00 pm
Forum: PHP - Security
Topic: File permission UNIX/PHP
Replies: 4
Views: 1624

File permission UNIX/PHP

Hi everyone! This is not a direct PHP question, but rather a question about permissions of PHP files under UNIX. I've read many posts on forums elaborating techniques with file permissions, but either they actually didn't work, either I really didn't feel it was the right way to do it... As a basic ...