Security: page 1
Improve PHP session cookie security
The security of session handling in PHP can easily be enhanced through the use of a few configuration settings and the addition of an SSL certificate. Whilst this topic has been covered numerous times before, it still bears mentioning, as a large number of PHP sites and servers have not implemented these features. To prevent session hijacking through cross-site scripting (XSS), you should always filter and escape all user-supplied values before printing them to screen.
There are a number of things you can do to make a server more secure whilst protecting your hosted entities and their users. Here are just three of the many things I do on every new server I commission. I hasten to add that these are not necessarily the most effective or at the top of my list - they are just that: 3 things I set on new servers.