Re[7]: [Phplib-users] new Session4 changes
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
Re[7]: [Phplib-users] new Session4 changes
|
From: Richard A. <rh...@ju...> - 2002-12-03 05:00:24
|
At 13:59 +0300 2/12/02, Maxim Derkachev wrote: > IMCO. The only marker I could see by now is the user's IP address - > everything else is even less reliable. If session hijacking is of concern, the site must be running SSL. In which case perhaps the SSL_SESSION_ID Apache Environment Variable would be a better thing to track than IP address? I'm not sure under what circumstances that would be re-negotiated though! ...R. |
