Cloud Insidr

Cybersecurity in the Age of the Machine

  • Subscribe!
  • Privacy Policy
  • Legal
  • Contact Us

Join us on Twitter: @CloudInsidr

  • news & alerts
    • events
    • industry analysis
    • industry gossip
    • people
  • cloud, edge & co.
    • AWS
    • administration & orchestration
      • web servers in the cloud
      • mail servers
      • databases
  • cybersec & warfare
    • encryption
  • blockchain
Home Archives for session
Maximize your PHP session security by fixing errors and closing the session adoption vulnerability that allows session fixation attacks

Cloud Insidr 2017-02-20 Leave a Comment

Maximize your PHP session security by fixing errors and closing the session adoption vulnerability that allows session fixation attacks

When the server can’t write to the session data directory, if will use /var/cache/nginx/fastcgi_temp/ and complain in the error log. You don’t want any of these errors, but a setting considered insecure will not even be reported as such. Here is how to bolster your PHP 7 session security with NGINX and php-fpm.

[Read more…]

Filed Under: cybersecurity and cyber warfare, NGINX, php-fpm, web servers in the cloud Tagged With: NGINX, permissions, PHP 7, php-fpm, session, session adoption, session fixation

How to Fix PHP Session Errors while Respecting Security with Correct Permissions

Cloud Insidr 2015-11-25 Leave a Comment

How to Fix PHP Session Errors while Respecting Security with Correct Permissions

Have you ever seen one of these weird redirects? WordPress, for example, may refuse to show the log-in page, leaving you out of its admin interface for good. Here is what to do about it.

[Read more…]

Filed Under: Uncategorized, web servers in the cloud Tagged With: error, Linux, log, NGINX, permissions, PHP, php-fpm, session, session hijacking

Join Cloud Insidrs!

Symantec Code Signing (200x200)

Tag Cloud

AWS Azure Azure Active Directory Azure Arc Azure Lighthouse Azure Resource Manager clickjacking CSRF cyber security DD-WRT domain firmware Gemalto HPKP HSTS IAM log logs MFA MITM Netgear network router SELinux tip Whois WiFi x509 XSS
Secure Site with EV (160x600)

Pearson Education (InformIT)

Pearson Education (Peachpit)

Thawte Code Signing (200x200)

  • Content purchasing and syndication