Change or Rename Cookie "MoodleSession" Moodle 3.11.x

by ITBOX Ltda -
Number of replies: 3

Hi,

For cybersecurity issues and to avoid that it is possible to detect that there is moodle installed on our server, we need to change the name of the session cookie and apply the security flag "__HOST-" or "__SECURE-", but we cannot find where it is possible to do it globally.

Greetings and thank you very much in advance


In reply to ITBOX Ltda

Re: Change or Rename Cookie "MoodleSession" Moodle 3.11.x

by Ken Task -

Not sure how one does:

"to avoid that it is possible to detect that there is moodle installed on our server"

but ... go to your server

/admin/settings.php?section=sessionhandling

Cookie Prefix?

'SoS', Ken

In reply to Ken Task

Re: Change or Rename Cookie "MoodleSession" Moodle 3.11.x

by ITBOX Ltda -
Hi Ken!

Yes, but it does not apply... the response is still "MoodleSessionXXXXXX", and we need to change this value to, for example, "SECURE__campusXXXX".

In reply to ITBOX Ltda

Re: Change or Rename Cookie "MoodleSession" Moodle 3.11.x

by Ken Task -

Hard Coded?!!??

in a moodle311 code directory:

fgrep 'MoodleSession' ./ -R

.//lang/en/moodle.php:The essential one is the session cookie, usually called MoodleSession. You must allow this cookie in your browser to provide continuity and to remain logged in when browsing the site. When you log out or close the browser, this cookie is destroyed (in your browser and on the server).
.//lang/en/moodle.php:$string['cookiesenabledonlysession_help'] = 'This site uses one session cookie, usually called MoodleSession. You must allow this cookie in your browser to provide continuity and to remain logged in when browsing the site. When you log out or close the browser, this cookie is destroyed (in your browser and on the server).';
.//lib/classes/session/manager.php:        $sessionname = 'MoodleSession'.$CFG->sessioncookie;
.//lib/tests/behat/behat_general.php:        $session = $this->getSession()->getCookie('MoodleSession');
.//lib/tests/behat/behat_general.php:        return download_file_content($url, array('Cookie' => 'MoodleSession=' . $session));
.//lib/tests/behat/behat_general.php:        $session = $this->getSession()->getCookie('MoodleSession');
.//lib/tests/behat/behat_general.php:        $content = download_file_content($url, array('Cookie' => 'MoodleSession=' . $session));
.//lib/behat/classes/behat_session_trait.php:        $sid = $this->getSession()->getCookie('MoodleSession');

Looks like there is more than one place! :|

Uhhhhh ... make a backup of site before playing ... best if you had a dev site me thinks!

Good luck!

'SoS', Ken
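
The following Python is an added example, not code from the thread or from Moodle. It mirrors the concatenation in the manager.php line found by the fgrep above, showing that the Cookie Prefix setting lands after the fixed "MoodleSession" string, and it checks a Set-Cookie header against the browser rules for the "__Secure-" and "__Host-" name prefixes. The function names and sample headers are constructed for illustration.

```python
# Added example: session cookie naming and cookie-name prefix checks.
# All sample headers are constructed, not captured from a real site.

def moodle_cookie_name(sessioncookie_setting):
    # Mirrors the line quoted in the thread from lib/classes/session/manager.php:
    #   $sessionname = 'MoodleSession'.$CFG->sessioncookie;
    return "MoodleSession" + sessioncookie_setting

def parse_set_cookie(header):
    """Split a Set-Cookie value into (name, {lowercased attribute: value})."""
    parts = [p.strip() for p in header.split(";")]
    name = parts[0].split("=", 1)[0]
    attrs = {}
    for part in parts[1:]:
        if part:
            key, _, value = part.partition("=")
            attrs[key.strip().lower()] = value.strip()
    return name, attrs

def prefix_problems(header):
    """Return the reasons a cookie fails the __Secure-/__Host- prefix rules."""
    name, attrs = parse_set_cookie(header)
    problems = []
    if name.startswith("__Host-"):
        if "secure" not in attrs:
            problems.append("__Host- needs the Secure attribute")
        if "domain" in attrs:
            problems.append("__Host- must not set Domain")
        if attrs.get("path") != "/":
            problems.append("__Host- needs Path=/")
    elif name.startswith("__Secure-"):
        if "secure" not in attrs:
            problems.append("__Secure- needs the Secure attribute")
    else:
        # The prefix only counts when it is at the very start of the name.
        problems.append("name carries no __Secure- or __Host- prefix")
    return problems

if __name__ == "__main__":
    samples = [  # constructed headers
        moodle_cookie_name("__Host-campus") + "=abc; Path=/; Secure; HttpOnly",
        "__Host-campus=abc; Path=/; Secure; HttpOnly",
        "__Host-campus=abc; Path=/moodle; Domain=example.test",
        "__Secure-campus=abc; Path=/moodle; Secure",
    ]
    for header in samples:
        print(header, "->", prefix_problems(header) or "ok")
```
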