Re: Re: Security, Late Nights and Overall Paranoia

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Ezra Nugroho wrote:

Here is one security measure that you HAVE to do if you allow people to
submit contents to your site.

1. track client's IP.
2. Associate sensitive cookies with the IP, if they don't match, ignore
it or invalidate the cookie.


If by "HAVE to" you mean "MUST NEVER," then I agree. :-)

Chris

--
Chris Shiflett
Brain Bulb, The PHP Consultancy
http://brainbulb.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux