where is the sessions storedsessions are stored


Where is the sessions stored?

Sessions are stored in server side & it is accessed by a unique id that is known as the session-id where each user-visitor is assigned when they access your website.

How the session-id is propagated within website?

principally, there are 2 methods either store in a cookie or propagated in the URL.

Leaking out an existing session-id to a third party is very risky if the session is filled with more important information.

There are main two methods of vulnerabilities are,

- When the session-id is carrying in URLs

If an external link from your site, a URL with the id might be stored in the external site’s referrer log.

- Active attacker might listen to network traffic

While the session-id flows over the network & if it is not encrypted an active listener might grab it. The best solution is to implement SSL & make it a must for all the users.

Request for Solution File

Ask an Expert for Answer!!
PHP Web Programming: where is the sessions storedsessions are stored
Reference No:- TGS0158833

Expected delivery within 24 Hours