Tycoon Talk
Become a Big fish!
The number 1 forum for online business!
Post topics, ask questions, share your knowledge.
Tycoon Talk is part of Freelancer.com - find skilled workers online at a fraction of the cost.

PHP Forum


You are currently viewing our PHP Forum as a guest. Please register to participate.
Login


Tycoon Talk > Web Development and Programming Support > PHP Forum > secure cookies and ssl

Freelance Jobs

Reply
secure cookies and ssl
Old 09-01-2010, 02:56 PM secure cookies and ssl
orionoreo's Avatar
Ultra Talker

Posts: 335
Name: Jerry
Trades: 0
Talkupation: orionoreo is a jewel in the roughorionoreo is a jewel in the roughorionoreo is a jewel in the roughorionoreo is a jewel in the rough
I'm posting this in the PHP forum as I'm programming.

I was wondering about securing cookies from hackers. So I have my login page on top of ssl, which is fine as after i logged in the cookies were secured but when I travel to a regular part of the site and I check the cookies I can see the cookies set for the login (not password, just that they've logged in). At this point is the cookie unsecured and hackers can sniff it and try to replay on that?

the users need to be able to travel between ssl and non-ssl, so what are my options to mitigating security issues?
__________________

Please login or register to view this content. Registration is FREE
|
Please login or register to view this content. Registration is FREE
orionoreo is offline
Reply With Quote
View Public Profile
 
 
Register now for full access!
Old 09-03-2010, 07:53 AM Re: secure cookies and ssl
Extreme Talker

Posts: 149
Trades: 0
Talkupation: mimamo is on a distinguished road
The rule is not to use sensitive data in cookie. If you really have to, use encryption.
If you are worried about sensitive data, build the site with SSL in mind.
__________________
Free
Please login or register to view this content. Registration is FREE

Visit our
Please login or register to view this content. Registration is FREE
and
Please login or register to view this content. Registration is FREE
mimamo is offline
Reply With Quote
View Public Profile
 
Reply     « Reply to secure cookies and ssl
 
Previous Thread | Next Thread Tycoon Talk > Web Development and Programming Support > PHP Forum > secure cookies and ssl

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off




   
RSS Feed  Feeds: RSS   JS   XML
RSS Feed  Feeds for this forum: RSS   JS   XML



Page generated in 0.10031 seconds with 12 queries