Guest Posted December 8, 2003 Posted December 8, 2003 What would be my proper sttings for the sessions part of the admin file? Session Directory /tmp? Force Cookie Use True or False? Check SSL Session ID True or False? Check User Agent True or False? Check IP Address True or False? Prevent spider Sessions True or False? Recreate Sessions True or False? Also is there a doc that explains all of these? Thanks, Scott90SC
Guest Posted December 9, 2003 Posted December 9, 2003 Can anyone explain this to me? I went through the Wiki Docs and this doc on sessions is very vauge. I am being lost as a customer when going to and from ssl pages, I think it may have to do with this but I am not sure. Thanks, Scott90sc
Chad Posted December 9, 2003 Posted December 9, 2003 all false except for last 2 which should be true. /tmp directory isnt needed unless you're storing session's as files and not in the database (which is default)
fiat707 Posted December 9, 2003 Posted December 9, 2003 I would say that if your SSL resides at a shared hosting domain, "Force cookie use" and "Recreate session" will not work when set "true". If you have your SSL resides at the same domain with a delicate certificate for your own use, then you should turn on "Force cookie use" and "recreate session" to make it most secure (session number will not be displayed in broswer address box, etc.)
Noobish-n-stuff Posted December 9, 2003 Posted December 9, 2003 Recreate Sessions True or False? this requires PHP 4.1 or greater. double check your version just in case.
Guest Posted December 10, 2003 Posted December 10, 2003 which is better to store sessions in files or database? Scott90SC
Recommended Posts
Archived
This topic is now archived and is closed to further replies.