secure (1,095)


PHP Session Security

PHP Session Security

Locked.This question and its answers are locked because the question is off-topic but has historical significance. It is not currently accepting new answers or interactions. What are some guidelines f…


security - The definitive guide to form-based website authentication

Closed.This question needs to be more focused.It is not currently accepting answers. Want to improve this question? Update the question so it focuses on one problem only by…


wcf - Best Practices for securing a REST API/web service

When designing a REST API or service are there any established best practices for dealing with security(Authentication, Authorization, Identity Management) ? When building a SOAP API you have WS-Secur…


Is there a way to make Firefox ignore invalid ssl-certificates?

I am maintaining a few web applications. The development and qa environments use invalid/outdated ssl-certificates. Although it is generally a good thing, that Firefox makes me click like a dozen time…



What WCF best practices do you follow in object model design?

I've noticed that a handful of WCF applications choose to "break" their objects apart; that is, a project might have a DataObjects assembly that contains DataContracts/Members in addition to a meanin…


How do you configure HttpOnly cookies in tomcat/java webapps?

After reading Jeff's blog post on Protecting Your Cookies: HttpOnly. I'd like to implement HttpOnly cookies in my web application. How do you tell tomcat to use http only cookies for sessions?…


How exactly do you configure httpOnlyCookies in ASP.NET?

Inspired by this CodingHorror article, "Protecting Your Cookies: HttpOnly" How do you set this property? Somewhere in the web config?…


How do you set up use HttpOnly cookies in PHP

How can I set the cookies in my PHP apps as HttpOnly cookies?…


c# - Storing Windows passwords

I'm writing(in C# with.NET 3.5) an administrative application which will poll multiple Windows systems for various bits of data. In many cases it will use WMI, but in some cases it may need to read…


Secure session cookies in ASP.NET over HTTPS

I got a little curious after reading this/. article over hijacking HTTPS cookies. I tracked it down a bit, and a good resource I stumbled across lists a few ways to secure cookies here. Must I use a…




how security example not for password ssl and the authentication