Is it safe to change the 'Security.salt' line to a more lengthy string {64 hex key}

Posted by Gaurav Sharma on Stack Overflow See other posts from Stack Overflow or by Gaurav Sharma
Published on 2010-05-13T07:28:19Z Indexed on 2010/05/13 7:34 UTC
Read the original article Hit count: 290

Filed under:

cakephp

|

security

|

app-config

Hi everyone,

I have changed the

Configure::write('Security.salt', '############');

value in the file

config/core.php

file to a '256-bit hex key'. Is it safe or a good practice to change these lines for every different installation of cakephp application or shall I revert back to the original ?

I also changed the

Configure::write('Security.cipherSeed','7927237598237592759727');

to a different one of more length.

Please throw some light on this.

Thanks

© Stack Overflow or respective owner

Related posts about cakephp

Losing sessions with window.open and cakephp redirection in PHP with cakephp

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi guys, Ok, here goes a very strange problem... Our team is using cakephp to develop a large application. Everything session related is working properly so far. The only issues we've had so far are related to iframes and opening windows in other subdomains. I'll explain: User opens up site… >>> More
CakePHP sending multiple lines of same cookie information in response header. why??

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi all, I am having this problem with one of my cakePHP applications. My application displays a big html table on the page. I noticed that when the table goes beyond a certain size limit, IE cannot display that page. While trying to figure out why this happens, I noticed that my html response… >>> More
CakePHP: trouble configuring .htaccess for user directories enabled server

as seen on Server Fault - Search for 'Server Fault'
I've placed the CakePHP files in a directory in /home/user/public_html/cakephp. When I try to reach localhost/~user/cakephp with my browser, there's an error message. In my case, since I'm using Chrome, it is 'Oops! This link appears to be broken.". Looking for a solution on Google, I found a few… >>> More
CakePHP: 2-level JOIN with one Query

as seen on Stack Overflow - Search for 'Stack Overflow'
I have the following models in CakePHP: A Deposit belongs to an Account An Account belongs to a Customer I want to have a list of Deposits, and I need to show the name of the customer (so I have to join through the Customer). I also need to paginate this list. If I set Deposit->recursive = 2… >>> More
[CakePHP] Can not Bake table model, controller and view

as seen on Stack Overflow - Search for 'Stack Overflow'
I developed small CakePHP application, and now I want to add one more table (in fact, model/controller/view) into system, named notes. I had already created a table of course. But when I run command cake bake model, I do not get table Notes on the list. I can add it manually, but after that I get… >>> More

Related posts about security

sudo apt-get update errors

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
Here is what I get on my terminal when running sudo apt-get update errors. I dont know if the issue is from my sources.list or my proxy setup(have not made any changes to proxies). Thank you for any help in advanced. Ign http://security.ubuntu.com oneiric-security Release.gpg Ign http://security… >>> More
The Security-Developer Gap: Why IT Security Can't Fix Your Security Problems Alone

as seen on Devx - Search for 'Devx'
Two well-known white hats explain how hackers take advantage of security holes left by enterprise application developers. >>> More
The Security-Developer Gap: Why IT Security Can't Fix Your Security Problems Alone

as seen on Internet.com - Search for 'Internet.com'
Two well-known white hats explain how hackers take advantage of security holes left by enterprise application developers. >>> More
StackOverFlowError while creating Mac object on AS400/Java

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello all, I am a newbie to AS400-Java programming. I am trying to create my first program to test the implementation of Message Authentication Code (MAC). I am trying to use the HMACSHA1 hash function. My (Java 1.4) program runs fine on a dev box (V5R4).But fails terribly on the QA box (V5R3). My… >>> More
Google App Engine - Spring Security Issue (java.security.AccessControlException)

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm currently getting the AccessControlException below when I deploy to app engine (I don't see it when I run in my local environment). I'm using GAE 1.3.1, Spring 3.0.1, and Spring Security 3.0.2. Any ideas how to get around this issue? It appears to be an issue with Spring Security trying to get… >>> More