Top "Security" questions

Topics relating to application security and attacks against software.

What is the best way to prevent session hijacking?

Specifically this is regarding when using a client session cookie to identify a session on the server. Is the best …

security session cookies

Error Importing SSL certificate: Not an X.509 Certificate

I am trying to update the SSL certificate in accordance with this post. I am a noob in certificates, so I …

java security ssl x509certificate

Exploitable PHP functions

I'm trying to build a list of functions that can be used for arbitrary code execution. The purpose isn't to …

php security grep

JavaScript: client-side vs. server-side validation

Which is better to do: client-side or server-side validation? In our situation we are using jQuery and MVC. …

javascript security validation

How are SSL certificate server names resolved/Can I add alternative names using keytool?

These may be phrased as separate questions for clarity, but they are all related to the same issue. How are …

java security ssl

How to send password securely over HTTP?

If on a login screen a user submits a form with his username and password, the password is sent in plain …

security http encryption passwords plaintext

ASP.NET Identity's default Password Hasher - How does it work and is it secure?

I am wondering whether the Password Hasher that is default implemented in the UserManager that comes with MVC 5 and ASP.…

c# asp.net security passwords asp.net-identity

Remove Server Response Header IIS7

Is there any way to remove "Server" response header from IIS7? There are some articles showing that using HttpModules we …

security iis-7 header response

How to read a HttpOnly cookie using JavaScript

Is there any way to read a secure cookie with JavaScript? I tried to do it using document.cookie and …

javascript security cookies

How to properly add cross-site request forgery (CSRF) token using PHP

I am trying to add some security to the forms on my website. One of the forms uses AJAX and …

php security session csrf