Set up a Cookie in Apache with php
A Cookie is a piece of information stored on the client computer to track the client -server sessions. Three steps involved in communication are,
- Server sends cookies to the client’s web browser, like name, age etc.
- Browser stores this cookies on client machine to use it later.
- Next time when the client access the server it sends the cookies to identify itself.
We will create two PHP programs one for setting the cookie(cookieset.php) and the other for displaying the contents of the cookie( cookieaccess.php). While browsing the first file it browser will download the cookie and I should be able to capture communication between server and client using Wireshark monitoring tool. The cookies are visible when we form TCP Stream out of these packets. Also we will see where the cookies are stored in Linux client machine. I have used Amazon Linux 1 as web server. You may have to make appropriate changes for other versions. Make sure that SELinux is disabled and firewall is allowed for port 80 for the setup below. My setup is like below.
Platform: AWS
Server OS: Amazon Linux 1
http: httpd-2.2.34-1.16.amzn1.x86_64
php: php-5.3.29-1.8.amzn1.x86_64
Client OS: Fedora
web browser: Firefox- Install http and php in your Amazon 1 Linux Server ( Centos 6 compatible)
# yum install httpd php
2) Create the file to set up the cookie. my file is /var/www/html/coockieset.php with contents below.
<?php
setcookie("name", "alice", time()+3600, "/","", 0);
setcookie("age", "30", time()+3600, "/", "", 0);
?>
<html>
<head>
<title>Cookies with PHP</title>
</head>
<body>
<?php echo "Saved Cookies"?>
</body>
</html>3) Create file to display the contents the cookie. my file is /var/www/html/coockieaccess.php with contents below. We don't use this file in the experiment. But you can access the file just after accessing cookieset.php so that it will display contents of cookies name and age in the web browser.
<html>
<head>
<title>Cookies with PHP</title>
</head>
<body>
<?php
echo $_COOKIE["name"]. "<br />";
echo $_COOKIE["age"] . "<br />";
?>
</body>
</html>4) Finish http configuration.
# service httpd restart
# chkconfig httpd on4) In the client machine set Wireshark monitoring tool on for capturing the packet.
5) Access the cookie file by type http://public_ip_of_server/cookieset.php so that packets can be captured by wireshark.
6) Stop Wireshark for capturing the packet. Follow the TCP cream and see that cookie information is visible for you.
7) Now come to client OS’s ~/.mozilla/firefox/your_profile_id and search insie cookies.sqlite files to see your cookie stored. Depends on you OS path may be different. Execute the command below to see the cookies
Disclaimer: This experiment is accomplished in test environment. You are requested to verify your setup thoroughly before you implement in a production environment.
