Session cookie by NinjaFirewall

  • Resolved jkling

    (@jkling)


    6 years, 8 months ago

    Hello,

    the session cookie
    Name: PHPSESSID
    Value: 5caded47a992866bfed884ac1adbec17
    is only set, when the firewall plugin is activated.

    Why do you need this cookie?
    Can I prohibit it, if it is not absolute necessary?
    Best regards
    Jürgen

    The page I need help with: [log in to see the link]

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author nintechnet

    (@nintechnet)

    Hi,

    It’s a PHP session cookie. You can see the details here: https://blog.nintechnet.com/ninjafirewall-general-data-protection-regulation-compliance/
    It is empty and does not contain any data (unless you log in), but the session must be started before the pages load. That’s the way PHP sessions work. It the next release, it will be started only if the user needs to log in.

    • This reply was modified 6 years, 8 months ago by nintechnet.
    Thread Starter jkling

    (@jkling)

    Hello,

    your are kidding. PHPSESSID is a PHP Session cookie ? ??
    Ok your default assumption was, that every vist is a session.
    But in fact it is not really obligatory, until someone tries to log in.
    It’s my personal goal to run a “non cookie policy” as long as possible.
    Thx
    Jürgen

    Thread Starter jkling

    (@jkling)

    Hello,

    Some more improvements, when you will work on the cookie

    SameSite=strict
    Cookie Prefixes __Secure- __Host-

    to make WPNF great again ??

    Best regards
    Jürgen

    Thread Starter jkling

    (@jkling)

    Now I saw this for the frist time

    “It seems that the user session set by NinjaFirewall was not found by the firewall script.”

    What next?

    Plugin Author nintechnet

    (@nintechnet)

    It seems that the user session set by NinjaFirewall was not found by the firewall script.

    Reload the page, as long as it goes away there’s no need to worry about it.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Session cookie by NinjaFirewall’ is closed to new replies.