I want to secure the state variables of webuser, what is the best way?
I want to secure the state variables of webuser, what is the best way?
The best way to secure them is to restrict their visibility. Store them only on server-side and you’re done.
I use the remember me function of Yii, so the only way is to use Cookie Attack Prevention?
Well, if you are afraid of users hacking and manipulate cookies, don’t worry. HMAC protection will check cookies’ validity based on a server-side key.