Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
cabirum
on April 23, 2013
|
parent
|
context
|
favorite
| on:
Things I set on new servers
PHP also uses cookie named PHPSESSID to store session ids. Use session.name to specify a different one.
laumars
on April 23, 2013
[–]
That has no impact on security. If an attacker can read your cookies then it didn't matter if you're sessions are called PHPSESSID or WETTROUT, they're still readable.
evan_
on April 23, 2013
|
parent
[–]
It only matters if you're trying to disguise the fact that you're using PHP, as the article suggests.
laumars
on April 23, 2013
|
root
|
parent
[–]
Which again, doesn't add any additional security.
Join us for
AI Startup School
this June 16-17 in San Francisco!
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
