From 922d2367f2d273ec2cdc0c60c1c8b395f351d04f Mon Sep 17 00:00:00 2001
From: Paolo <bison@technikum-wien.at>
Date: Tue, 5 Feb 2019 10:49:08 +0100
Subject: [PATCH] - Changed the name of CI session from ci_session to
 sess_ci_session - Changed CI session expiring time from 7200 to 1800 seconds

---
 application/config/config.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/application/config/config.php b/application/config/config.php
index 2602c12cf..d0bca14b9 100644
--- a/application/config/config.php
+++ b/application/config/config.php
@@ -347,6 +347,7 @@ $config['encryption_key'] = '';
 | 'sess_time_to_update'
 |
 |	How many seconds between CI regenerating the session ID.
+|	NOTE: Keep it as it is to prevent security issues (https://en.wikipedia.org/wiki/Session_fixation)
 |
 | 'sess_regenerate_destroy'
 |
@@ -359,8 +360,8 @@ $config['encryption_key'] = '';
 |
 */
 $config['sess_driver'] = 'files';
-$config['sess_cookie_name'] = 'ci_session';
-$config['sess_expiration'] = 7200;
+$config['sess_cookie_name'] = 'sess_ci_session';
+$config['sess_expiration'] = 1800; // Session expires every 30 minutes
 $config['sess_save_path'] = NULL;
 $config['sess_match_ip'] = FALSE;
 $config['sess_time_to_update'] = 300;