1. JanKanis
  2. phpshell


jank...@b7c52663-8f12-0410-848f-ff3e29dadc7b  committed 8d6881b Draft

fix typo in SECURITY

  • Participants
  • Parent commits accd485
  • Branches default

Comments (0)

Files changed (1)


View file
  • Ignore whitespace
 and matches the current session, if not the request is discarded. A 
 form generated by a different webpage does not know the secret csrf 
 token, so it cannot construct a valid form. PHP Shell implements this 
-protection as of version 2.6. 
+protection as of version 2.5. 
 Attacks against the session
 from a large character set, e.g. lower case and upper case letters, 
 numbers, and special characters. 
-As of version 2.6, PHP Shell also implements rate limiting. Every time 
+As of version 2.5, PHP Shell also implements rate limiting. Every time 
 a login attempt fails, this is logged in a file (the location of which 
 is configurable). After the third failed log in attempt from one IP 
 address, PHP Shell enforces a timeout during which a user won't be