Tagged in

Security

The White Hat ElePHPant

PHP Articles, Tutorials, Opnions and occasional rantings by Galvão

More information

Followers

Elsewhere

More, on Medium

Security

Er Galvao Abbott in The White Hat ElePHPant

Aug 4, 2017

A look into sessions and security

“Final” Part: Eternal sessions of the clueless user

In the fourth article of this series we talked about how to use a score-based approach to minimize false occurrences. Now it’s time to talk about… time.

Er Galvao Abbott in The White Hat ElePHPant

Jul 5, 2017

A look into sessions and security

Part #3: The score approach

In the third article I’ve reached the conclusion that the most important concepts when thinking about secure sessions are Coherence and Validity. I’ve also touched a very delicate point when dealing…

Er Galvao Abbott in The White Hat ElePHPant

Jun 11, 2017

A look into sessions and security

Part #2: Storage, Access and Meta Data

In my second article we’ve seen how to set up a session in a way that improves it’s security. We’ll now take a look at a few issues about access, storage and meta data.

Er Galvao Abbott in The White Hat ElePHPant

Apr 28, 2017

A look into sessions and security

Part #1: The setup

[Updated on 2018–07–05: Fixed a mistake on the referer_check option]

In the first article of this series we explored the concept and theory behind sessions. Now that we understand what a…

Er Galvao Abbott in The White Hat ElePHPant

Apr 26, 2017

A look into sessions and security

Part #0: The concept

Index

Part #0: The concept (You’re here!)
Part #1: The setup
Part#2: Storage, Access and Meta Data
Part #3: The Score approach
“Final” Part: Eternal sessions of the clueless user