PHP Security-session data exposure

Source: Internet
Author: User
Session Data exposure session data usually contains personal information and other sensitive data. For this reason, session data exposure is a common concern. In general, the exposure scope is not very large, because session data is guaranteed...


Session Data exposure

Session Data usually contains personal information and other sensitive data. For this reason, session data exposure is a common concern. In general, the exposure scope is not very large, because session data is stored in the server environment, rather than in the database or file system. Therefore, session data will not be publicly exposed.

SSL is a particularly effective method that minimizes the possibility of data being exposed when transmitted between the server and the client. This is very important for applications that transmit sensitive data. SSL provides a protection layer over HTTP to protect all data in HTTP requests and responses.

If you are concerned about the security of the session data storage area, you can encrypt the session data so that you cannot read its content without the correct key. This is very easy to do in PHP. you only need to use session_set_save_handler () and write your own session encryption and decryption functions. For more information about how to save the encrypted session data, see Appendix C.

The above is the PHP Security-session data exposure content. For more information, see PHP Chinese network (www.php1.cn )!

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.