PHP You doubt how to optimize the Session

3

Today I use the following code to start a Session in PHP

 //verificação se o id de sessão ja existe, se não existir, cria
if (!session_id()){
   // iniciando a sessão
   session_start();   
   // buffer para evitar o erro ao acionar o headlocation
   ob_start();

}

As I'm new to PHP, I'd like to know ... Do I need to make additional settings to avoid future access problems? that is, I want to prevent the site that I have developed is overloaded.

I also realized that the session is only terminated when I close the browser, what is the expiration time of the php session, and does it have to be changed?

Tips?

I'm using version 5.6

    
asked by anonymous 22.08.2017 / 01:56

1 answer

3

You do not have much to do about it,

But try to apply this little script that will save the last request, with timeout, will prevent DDoS attacks

// vou assumir que ja tens a sessão iniciada...
$uri = md5($_SERVER['REQUEST_URI']);

$exp = 3; // 3 segundos
$hash = $uri .'|'. time();
if (!isset($_SESSION['user'])) {
    $_SESSION['user'] = $hash;
}

list($_uri, $_exp) = explode('|', $_SESSION['user']);
if ($_uri == $uri && time() - $_exp < $exp) {
    header('HTTP/1.1 503 Service Unavailable');
    die;
}

// guardar a ultima requisição
$_SESSION['user'] = $hash;
    
22.08.2017 / 11:59