Loading...

使用.htaccess中更改session.name

Temperature: 0 °C

Mark ChangMark Chang
author_tools

session固定攻擊
session的默認名稱是PHPSESSID,此變量會保存在cookie中。
為了資訊安全,在.htaccess中以下行指令做更名的動作:

php_value session.name "SEESESSID"

以上紀錄~
 

More chapters / Next article: 直接在PHP重新命名帶有前綴的session.name

#故事  #PHPSESSID  #htaccess  #session固定攻擊  
https://innstory.com/story-使用htaccess中更改sessionname-2716

Prev
 htaccess_使用gzip壓縮網站加快加載速度並節省頻寬

Next
使用_htaccess_關閉緩存 

About the Author

Mark Chang

離不開電腦的宅男

Visitor message

Leave some footprints to prove that you visited me

Recommended reading

Author's other related stories

分享 CNNs Anthony Bourdain dead at 61

分享 CNNs Anthon...

難以置信,我還蠻喜歡看他的節目的。 或許....人都有過不去的坎,無論你是功成名就又或者是一事無成。...

分享 颱風放假一天,但你知道日韓沒颱風假嗎?-風傳媒

分享 颱風放假一天,但你知道...

這倒是讓我記起日本電影「 生存家族」裡的劇情~ 故事是設置在沒有電的環境作為舞台開始~ 劇中小日向文...

Weak SSL Cipher在Apache中禁用過時的SSL / TLS版本

Weak SSL Ciphe...

使用vi(或vim)編輯ssl.conf (通常位於/etc/httpd/conf.d/底下) 查詢...

Please select an option

error

Hi, thank you for your participation, but you cannot vote repeatedly~

Join innstory now and start recording your story.

"Innstory" is a place to store stories. We are committed to becoming a warm platform. Deepening the bonds between people is our direction.
We are convinced that the blockchain between people is not just a cold calculation. Join us now.

Wrong format