session hijacking-php.ini

wamp->php.ini

 ; This option forces PHP to fetch and use a cookie for storing and maintaining
; the session id. We encourage this operation as it's very helpful in combating
; session hijacking when not specifying and managing your own session id. It is
; not the be-all and end-all of session hijacking defense, but it's a good start.
; http://php.net/session.use-only-cookies
session.use_only_cookies = 1

posted @ 2016-09-06 00:57  papering  阅读(188)  评论(0编辑  收藏  举报