secure
Browser Extensions and PHP Session IDs
February 2, 2022 - Information Resources
The Issue
One way applications protect against abuse (such as replay attacks) is by assigning a nonce (number used once) to a client connection. This randomly generated number is made available to the client for as long as the connection remains active and is commonly stored server-side to the session, and identified by that connection’s PHPSESSID. This PHPSESSID is associated with the client in a cookie, and shared with each future connection.Read More
FileChecker WordPress Plugin
July 3, 2017 - News Articles
Those who attempt to seize control of WordPress sites often do so by burying obfuscated code in the PHP scripts of plugins, themes or the WordPress core. This is done through various exploits in improperly secured PHP, less-restricted file system permissions, or server counter-measures.Read More