Q . How to make PHP session in httponly,secure and change session name ?

Misbahul Haque. asked, Oct 29 ' 2016

It starts the session with name PHPSESSID and without httponly.

Suggest me how to change session name and make it more secure ?

  • PHP
  • session

1 Answers

You can make it more secure by setting all the session cookie params.

Get all the params by below function.

$currentCookieParams = session_get_cookie_params()

Now Set all the params by using below function and start the session.

        0,      //session cookie time -- 0 is for session time
        '/',    //session path from where it can access
        '',     //host blank will set the host of your site
        false,  //works only in ssl
        true    //set true for httponly means it will access only from server side.

//change session cookie name



Leave a Ansewer