Don't overlook protecting sessions via SSL: The best way!
Hey menjaraz,
I'm aware I could do it this way, but that's an expensive way in first hand, besides it's not a solution to this whole thing. The effect this whole thing should do is show security to the user and especially let the user END SESSIONS remotely. But thanks for your quick reply!
Nobody knows any way? Seems like there's no way to prevent session hijacking with Laravel..
The situation is i'm have the same issue, and some leak information related.
a few links to mitigate this, just i dont know if a solution can be implemented.
[http://stackoverflow.com/questions/5081025/php-session-fixation-hijacking]
protect your cookie session using ip address + spesific domain + encryption + life time (these option doesn't prevent all hijacking but reduce the risk). if comparisson result is FALSE, then forget the session and create new session and also redirect to your home page. #cmiiw
Sign in to participate in this thread!
The Laravel portal for problem solving, knowledge sharing and community building.
The community