Security of Storing Session ID as a Cookie in PHP


Is It More Secure to Use Cookies to Transfer Session IDs in PHP?



Is it more secure to use cookies to transfer session IDs? The answer is yes, because attacking your Web site using URL parameters is much easier than using cookies.

So if you are the system administrator of your Web server, you should set session.use_only_cookies=1.

If your Web server is provided by a hosting service provider, ask them to set session.use_only_cookies=1.


Where Are Session Values Stored in PHP

Using Cookies to Transfer Session IDs in PHP

Understanding and Using Sessions in PHP

⇑⇑ PHP Tutorials

2016-10-25, 1443🔥, 0💬