[nycphp-talk] cross server session id and SHARED HOSTING
inforequest
1j0lkq002 at sneakemail.com
Mon Nov 1 09:34:58 EST 2004
There are four reasons I always caution against using shared hosting.
Most important (to me) is the IP block -- if someone on that block does
something bad like send spam or spam the search engines, you may find your
site banned or your emails blacklisted or your domain otherwise guilty by
association.
The second is because an enterprising user on virtual site A can find his
way through the file system tree to view your source code on virtual site
B.
The third is because another site can rash or jeopardize the server at your
expense.
The fourth is because you share all server-based low-level systems, such as
the cookie issue you highlighted. It is also apparent when one influential
site runs an insecure version of Apache/PHP/whatever, thus delaying an
upgrade which would benefit your site.
Of course I use shared hosting, because of the benefits :-) and because of
the downsides associated with dedicated hosting :-)
If this stuff was easy, all the newbies would be taking all the consulting
business, and the market rates would go way down. Thankfully, that is not
the case!
-=john andrews
Original Message:
-----------------
From: Matthew Terenzio webmaster-at-localnotion.com |nyphp dev/internal
group use| ...
Date: Sun, 31 Oct 2004 21:51:50 -0500
To: talk at lists.nyphp.org
Subject: [nycphp-talk] cross server session id
Did anyone know you can read a PHP session id from a JSP page running
on the same box(and domain), different port.
I guess it only makes sense, but I wasn't expecting it.
_______________________________________________
New York PHP Talk
Supporting AMP Technology (Apache/MySQL/PHP)
http://lists.nyphp.org/mailman/listinfo/talk
http://www.newyorkphp.org
--------------------------------------------------------------------
mail2web - Check your email from the web at
http://mail2web.com/ .
More information about the talk
mailing list