PHP Session Security
There are a couple of things to do in order to keep your session secure: Use SSL when authenticating users or performing sensitive operations. Regenerate the session id whenever the security level changes (such as logging in). You can even regenerate the session id every request if you wish. Have sessions time out Don’t use … Read more