Tag > security and SSL

¥É¥á¥¤¥ó̵À©¸Â¡¢¥Ç¥£¥¹¥¯ÍÆÎÌ15GB¡¢PHP¤âMySQL¤âɸ½àÁõÈ÷¡¢¥¦¥£¥ë¥¹¥Á¥§¥Ã¥¯¤ä¥¹¥Ñ¥à¥á¡¼¥ë¥Õ¥£¥ë¥¿¡¼¡¢·ÈÂÓ¥¦¥§¥Ö¥á¡¼¥ë¤Ê¤É¥á¡¼¥ëµ¡Ç½¤â½¼¼Â¤·¡¢CRON¤â»È¤¨¤Æ¡¢·î¡¹¤¿¤Ã¤¿¤Î500±ß¤Î¥ì¥ó¥¿¥ë¥µ¡¼¥Ð¡¼¤Î¾Ò²ð¤Ç¤¹¡£Æȼ«IP¥¢¥É¥ì¥¹¤Î¥ª¥×¥·¥ç¥ó¤¬·î³Û1500±ß¤ÇÍøÍѤǤ­¤ë¤Î¤Ç¡¢Æȼ«¥É¥á¥¤¥ó¤Ç¤ÎSSL¤Ë¤âÂбþ¤Ç¤­¤Þ¤¹¡£

ZenCartÆüËܸì¸ø¼°¥µ¥¤¥È¤Ç
* v1.3.0.2-l10n-jp-1ÍÑ
* v1.2-l10n-jp-6ÍÑ
¤ÎSession Fixation ÀȼåÀ­¤ËÂФ¹¤ë¥Ñ¥Ã¥Á¤¬¥ê¥ê¡¼¥¹¤µ¤ì¤Þ¤·¤¿¡£
¥À¥¦¥ó¥í¡¼¥É¤Ï¡¢¤³¤Á¤é
v1.3.0.2-l10n-jp-1ÍÑ
¥ª¡¼¥Ð¡¼¥é¥¤¥ÉÂбþ¤Ç¡¢¥³¥¢¥Õ¥¡¥¤¥ë¤ò½¤Àµ¤¹¤ëɬÍפϤʤ¤¤Î¤Ç
(¤â¤Á¤í¤ó¥ª¡¼¥Ð¡¼¥é¥¤¥É¤µ¤ì¤ë¥Õ¥¡¥¤¥ë¤Ë¼ê¤ò²Ã¤¨¤Æ¤¤¤ë¾ì¹ç¤Ï½¤Àµ¤¬É¬ÍפǤ¹¤¬)
raadme¤Ëµ­ºÜ¤µ¤ì¤Æ¤¤¤ëÄ̤ê¤Ëºî¶È¤ò¤¹¤ì¤Ð´Êñ¤ËƳÆþ¤¹¤ë¤³¤È¤¬¤Ç¤­¤Þ¤¹¡£
v1.2-l10n-jp-6ÍÑ
v1.2-l10n-jp-6ÍѤξì¹ç¤Ï¡¢¥³¥¢¥Õ¥¡¥¤¥ë¤ò½¤Àµ¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£
patch¥³¥Þ¥ó¥É¤¬»È¤¨¤ë´Ä¶­ÍѤ˥ѥåÁ¥Õ¥¡¥¤¥ë¤¬Æ±º­¤µ¤ì¤Æ¤Þ¤¹¤¬¡¢
¤³¤³¤Ç¤Ï¡¢patch¥³¥Þ¥ó¥É¤¬»È¤¨¤Ê¤¤´Ä¶­¤ÎÊý¸þ¤±¤Ë¡¢
session_fixation.patch¤ÎÃæ¿È(Êѹ¹Á°¤ÈÊѹ¹¸å)¤ò¾Ò²ð¤·¤Þ¤¹¡£
Step 1
—————
admin/includes/application_top.php 20¹ÔÌÜÉÕ¶á
// Start the clock for the page parse time log
define(’PAGE_PARSE_START_TIME’, microtime());
¢­
ini_set("session.use_only_cookies", "1");
ini_set("session.use_cookies", "1");
ini_set("session.use_trans_sid", "0");

// Start the clock for the page parse time log
define(’PAGE_PARSE_START_TIME’, microtime());
admin/includes/functions/sessions.php 90¹ÔÌÜÉÕ¶á
function zen_session_start() {
return […]