Last active
February 20, 2017 02:46
; ...
; Security
;
; The Fast Track to Safe and Secure PHP Sessions
; https://paragonie.com/blog/2015/04/fast-track-safe-and-secure-php-sessions
;
; http://www.slideshare.net/mikestowe/intro-to-php-security-12564855/7-All_it_takes_is_one
;
; Note:
; 1. Controlling Incoming Data (.ini file)
; 2. Checking Data Types ($_POST)
; 3. Validating All Incoming Data
allow_url_fopen = 0
allow_url_include = 0
; register_globals was removed in PHP 5.4
register_globals = off
session.cookie_httponly = 1
session.cookie_secure = 1
; entropy_length, hash_bits_per_character and hash_function were removed in
; PHP 7.1 (replaced by session.sid_length and session.sid_bits_per_character)
session.entropy_length = 32
session.hash_bits_per_character = 5
session.hash_function = sha256
session.save_handler = files
session.use_cookies = 1
session.use_only_cookies = 1
zend.script_encoding = UTF8
; *.php
; session_regenerate_id(true);
; filter_var();
; strip_tags();
; htmlentities();
; ...
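Notes 2 and 3 and the `*.php` function list above, applied in one request handler. This is an added example, not part of the original gist; the helper names (`validated_login_input`, `e`, `complete_login`), the `age` field and the sample requests are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

/** Check type and shape of incoming fields; returns null on any failure. */
function validated_login_input(array $post): ?array
{
    $email = $post['email'] ?? null;
    $age   = $post['age'] ?? null;
    // A client can send email[]=x; reject non-strings before validating.
    if (!is_string($email) || !is_string($age)) {
        return null;
    }
    $email = filter_var($email, FILTER_VALIDATE_EMAIL);
    $age   = filter_var($age, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 13, 'max_range' => 120]]);
    if ($email === false || $age === false) {
        return null;
    }
    return ['email' => $email, 'age' => $age]; // age is now an int
}

/** Encode a value for HTML text or a quoted attribute. */
function e(string $value): string
{
    return htmlentities($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Call once credentials are verified; requires an active session. */
function complete_login(string $email): void
{
    // New session ID, old session data deleted: a pre-login ID is useless.
    session_regenerate_id(true);
    $_SESSION['user'] = $email;
}

// Constructed sample request bodies (stand-ins for $_POST).
$samples = [
    ['email' => 'alice@example.com', 'age' => '34'],
    ['email' => ['x'], 'age' => '34'],               // wrong type
    ['email' => 'alice@example.com', 'age' => '7'],  // out of range
    ['email' => 'not-an-address', 'age' => '34'],    // malformed
];
foreach ($samples as $post) {
    $in = validated_login_input($post);
    echo $in === null ? "rejected\n" : 'accepted: ' . e($in['email']) . "\n";
}
// Markup and quotes in stored data are rendered inert on output.
echo e("<b>O'Reilly</b>"), "\n";
```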