MyBB Community Forums

MyBB Community Forums > Community > General Discussion > Web Development and Administration > Session Hijacking?
Full Version: Session Hijacking?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

Exze

2012-08-06, 09:27 PM
Hello,

So I was looking at some software and found in the patch notes that a fox for session hijacking had been added, so from this I did a little research and apparently using session_start() on it's own isn't secure?

Does anyone have any information on this? How to prevent it or any articles you would recommend?

Cheers

Vernier

2012-08-06, 09:57 PM
Have a watch of this video:

Exze

2012-08-06, 10:22 PM
(2012-08-06, 09:57 PM)Vernier Wrote: [ -> ]Have a watch of this video:

Cheers for that Smile, would you have to use ini_set() in every page or just 1?

Vernier

2012-08-06, 10:41 PM
Before every session_start(); function
MyBB Community Forums > Community > General Discussion > Web Development and Administration > Session Hijacking?