Reputation: 1437
I have two warnings related to CakePHP security:
Please change the value of 'Security.salt' in app/Config/core.php to a salt value specific to your application [CORE\Cake\Utility\Debugger.php, line 717]
Please change the value of 'Security.cipherSeed' in app/Config/core.php to a numeric (digits only) seed value specific to your application [CORE\Cake\Utility\Debugger.php, line 721]
But I have no idea of what that actually means. Is it just alright to leave them as they are even in really large and important applications?
Upvotes: 0
Views: 2631
Reputation: 400922
Well, reading those two messages, I would say you must edit the app/Config/core.php file, to put values that are specific to you / your application, and cannot be guessed, for the two Security.salt and Security.cipherSeed configuration entries.
Considering the names of those properties, using specific values (unique to your application, and not common to all CakePHP applications in the world) is probably better for security.
And, answering your "is it alright to leave them as they are?" question: if you get security-related warnings, do you really think it's OK to just ignore them?
Upvotes: 2
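The check the answer describes, as an added example that is not part of the posts above and not CakePHP's own code: it compares an application's core.php with the copy shipped by the framework, flags the two entries when they are unchanged or when the cipherSeed is not digits only, and generates replacement lines from the OS random source. The function names, the value lengths and the sample file contents are assumptions made for the illustration.

```python
import re
import secrets
import string

# Matches uncommented Configure::write('Security.<name>', '<value>') lines.
_ENTRY = re.compile(
    r"""^\s*Configure::write\(\s*['"]Security\.(salt|cipherSeed)['"]\s*,\s*['"]([^'"]*)['"]\s*\)""",
    re.M)

def read_security_values(core_php_text):
    """Return {'salt': ..., 'cipherSeed': ...} for the entries found."""
    return {name: value for name, value in _ENTRY.findall(core_php_text)}

def audit(app_core, stock_core):
    """List problems in the app's core.php, given the framework's shipped copy."""
    app, stock = read_security_values(app_core), read_security_values(stock_core)
    problems = []
    for key in ("salt", "cipherSeed"):
        if key not in app:
            problems.append(f"Security.{key} is not set")
        elif app[key] == stock.get(key):
            problems.append(f"Security.{key} still has the shipped value")
    seed = app.get("cipherSeed")
    if seed is not None and not (seed.isascii() and seed.isdigit()):
        problems.append("Security.cipherSeed must be digits only")
    return problems

def generate_lines(salt_len=40, seed_len=29):
    """Build replacement lines from the OS CSPRNG (lengths are assumptions)."""
    alphabet = string.ascii_letters + string.digits
    salt = "".join(secrets.choice(alphabet) for _ in range(salt_len))
    seed = "".join(secrets.choice(string.digits) for _ in range(seed_len))
    return (f"Configure::write('Security.salt', '{salt}');\n"
            f"Configure::write('Security.cipherSeed', '{seed}');\n")

# Constructed sample files; the values are placeholders, not real defaults.
STOCK = ("Configure::write('Security.salt', 'PLACEHOLDERSHIPPEDSALT');\n"
         "Configure::write('Security.cipherSeed', '1234567890');\n")
APP_UNCHANGED = STOCK
APP_BAD_SEED = ("Configure::write('Security.salt', 'appSpecificSaltValue0001');\n"
                "Configure::write('Security.cipherSeed', '12ab34');\n")

if __name__ == "__main__":
    print(audit(APP_UNCHANGED, STOCK))
    print(audit(APP_BAD_SEED, STOCK))
    print(generate_lines())
```

Generate the values once per application and keep them out of public repositories; a value that is copied between projects is no longer specific to one application.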