skip to Main Content

In relation to How to create a secure login system using cookies and sessions?

I’m building a simple forum, spending my time securing $_SESSION => hashing as mindful person about security but simple one because my future website will be not something giant, I will enable SSL.

Will I need cookie(s) for example about Google Search Console/day’s visitors/SEO or nothing special about that and general security ?

Thank you for your help

2

Answers


  1. The Sessions and Cookies both serve the purpose of storing data.The sessions are made at the server and gets destroyed once the connection with the server is lost or the application is closed, while the cookies are made at the client and stays for a defined time, either the application is opened or closed.And you can delete them anytime you wish.

    So in relation to the security, the sessions are more appropriate than the cookies.

    The latter part of your question is a kind of vague to me, yet I think this answer will be of some help to you. 😀

    You can find a Cookies vs. sessions comparison here.

    Login or Signup to reply.
  2. There are three main ways, we can get data from our users.

    1. By typing a url or click a link which will be a GET request.
    2. By submit a form which will be a POST request.
    3. Pulling values out of their browser COOKIE that send with every request they make.

    and there is one more method to get data which is –

    1. SESSION

    sessions are related to cookies.
    A session is a file that stored on the web-server file system not on the browser side.
    So, when we want save some information, the process is instead of sending a cookie to the user, we send them as a reference to that session file.
    So on every request they make to the web server after that they send the reference and were able to lookup that session file and pull all the data out of it.
    So the most important difference with sessions that they stored in server-side not client-side.
    All we send to the client is a reference to help us find that file.

    Using sessions has some benefits and drawbacks –
    PROS –

    • More storage than cookie.

    cookie is limited to 4000 characters maximum.
    for session, it is limited to only by the file storage size that you have on a web server i.e; how big is the hard-disk, that’s the limit.

    • Smaller request sizes because session uses reference.
    • Conceals data values.
    • More secure, less hackable.

    CONS –

    • Slower to access.

    You won’t see much difference on camparing to cookies, but it is.

    • Expires when browser is closed.

    Cookie can live 6 months or more.

    • Session files accumulate.
    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search