info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by RaĆ¼l Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.
I guess, this is an old thread and would be good if I suggest some php session cookie secure issues.
As PHP belongs to application layer and builds on HTTP cookies to maintain multiple request. For this, it combines custom, specific cookie header with its own session handler class: