session.hash_function
I'm using EasyApache4
I'm using PHP 7.3
I'm trying to increase PHPSESSID security and increase length..
I want set session.sid_length but it does not exist in MultiPHP.ini Editor
But session.hash_function exist. (But it seems it is not effective in PHP 7.3)
I set it to 1 and set Algorithm to SHA. But the PHPSESSID remains 32 hex character..
Is it a bug or is there another way of setting session.sid_length?
Regards..
-
Hey there! The best way I have found to achieve this is to add a custom .ini file inside the PHP configuration directory on the server. For example, if you wanted to make this change to PHP 7.3 you would add a file to the /opt/cpanel/ea-php73/root/etc/php.d/ directory with your setting in there. I simply created a file named "custom.ini" in that directory with the following entry: session.sid_length=33
and then checked a phpinfo page on my site to confirm this change was applied. If you are using CloudLinux the path the file would be /opt/alt/php73/etc/php.d/ Can you try that and let me know if that works well for you?0 -
Hi, I have solved my issue by adding a new entry just under session.hash_bits_per_character entry... as like that.. session.sid_length=xx I have checked and it's working. Best Regards. 0 -
Great - I'm glad that's working well!!! 0
Please sign in to leave a comment.
Comments
3 comments