php - $_SESSION across muliple virtual hosts -

-

i have learned if share server host (which do, have virtualhost), hosts share same $_session same across hosts.

does meant other hosts can access of variables store in $_session?

check value of following:

echo ini_get('session.save_handler'); echo ini_get('session.save_path');

if save_handler files , save_path common directory /var/lib/php5 you're sharing session storage other users on server. you're still protected nature of session hash id, if have sensitive information might want make change. either change save_handler sqlite , provide own local database file, or change save_path directory that's owned , has minimal permissions. can change save_path in .htaccess file:

php_value session.save_path = '/path/to/my/session/directory'

or in php source:

ini_set('session.save_path', '/path/to/my/session/directory');

edit: realistically though, if have information sensitive enough warrant change, should using vps , not shared server.


Comments

Post a Comment

Popular posts from this blog

Fail to load namespace Spring Security http://www.springframework.org/security/tags -

-
i have problem namespace of spring security on xhtml page. don't understand why can't load uri, , have following issue: whitelabel error page application has no explicit mapping /error, seeing fallback. tue jul 21 16:58:12 utc 2015 there unexpected error (type=not found, status=404). please need help! possible uri has been changed? best regards you using incorrect namespace url. correct url http://www.springframework.org/schema/security the error page seeing spring source website since not recognize url. try visiting http://www.springsource.org/security/tags in browser update : spring security tags used in jsp page correct tag lib declaration is: <%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>
Read more

Maven Javadoc 'Cannot find default setter' and fails -

-
i'm trying generate javadocs maven project, , i'm running error every time. unable parse configuration of mojo org.apache.maven.plugins:maven-javadoc-plugin:2.10.3:javadoc parameter #: cannot find default setter in class org.apache.maven.plugin.javadoc.options.group . command i'm using mvn javadoc:javadoc root directory, pom is. i don't have groups configured @ all, or have special configuration @ all. same error whether omit plugin in pom completely, add reporting, or add build plugin. i've tried adding empty groups well, , while message changes somewhat, still appears. i ran across this question , a. don't have testng dependencies, b. i'm not using command line parameters, , c. never resolved. it selenium project, suppose there similar, can't figure out. ideas? i've included maven debug stack trace below. [error] failed execute goal org.apache.maven.plugins:maven-javadoc-plugin:2.10.3:javadoc (default-cli) on project selenium: un...
Read more

asp.net core mvc - How important is the global.json and src folder? -

-
in vs 2015, when create new mvc 6.0 application using approach: file-->new-->project-->asp.net web application-->asp.net 5 preview templates you end have following file structure on disk: artifacts src myproject.sln global.json instead if decide create blank solution first so: file-->new-->project-->other project types-->visual studio solutions-->blank solution and start adding new asp.net web application project solution; end having file structure doesn’t have global.json file , no src folder. according documentation , the global.json file used configure solution whole. includes 2 sections, projects , sdk default. the projects property designates folders contain source code solution. default project structure places source files in src folder, allowing build artifacts placed in sibling folder, making easier exclude such things source control. the sdk property specifies version of dnx (.net execution environment) visual studio...
Read more