On Session Hijacking
Posted: Wed Feb 21, 2007 6:43 am
Hi All,
These days I'm playing around on session security on PHP, I just wonder, will storing session into database by setting the session handler completely prevent session hijacking? Or, if stilled use file-base session handling, any other alternatives to mitigate the session attack?
I'm in a share host environment.
Thank you very much for your help.
With my best,
Jim
These days I'm playing around on session security on PHP, I just wonder, will storing session into database by setting the session handler completely prevent session hijacking? Or, if stilled use file-base session handling, any other alternatives to mitigate the session attack?
I'm in a share host environment.
Thank you very much for your help.
With my best,
Jim