Home » Download » Modules

Secure Pages Hijack Prevention

· · ·
grendzy - January 28, 2009 - 20:22

This is an add-on to the Secure Pages module that will prevent hijacked sessions from accessing SSL pages, yet still allow users to stay logged in when browsing non-SSL pages.

The login form is also secured, both on the user page and the login block.

This module is recommended for most securepages users. (One possible exception is if you have set session.cookie_secure, and you have "Switch back to http" disabled in the securepages settings.)

Please do consider carefully the inherent limitations of mixed HTTP / HTTPS sessions. For an analysis of various approaches to using SSL, see this article on crackingdrupal.com.

Downloads

Recommended releases

Version Downloads Date Links
6.x-1.5 Download (9.37 KB) 2009-Aug-06 Notes
5.x-1.0 Download (8.66 KB) 2009-Aug-06 Notes

Development releases

Version Downloads Date Links
6.x-1.x-dev Download (9.37 KB) 2009-Jul-31 Notes
5.x-1.x-dev Download (8.67 KB) 2009-Jul-31 Notes


 
 

Drupal is a registered trademark of Dries Buytaert.