|
|
|
|
|
|
by vidarh
5080 days ago
|
|
|
Doing server side IP checks is already easy, but in reality it can lead to massive amounts of user complaints when their sessions keep disappearing, because as it turns out, some user segments have a lot of users coming through proxies where each request is not guaranteed to come from the same IP. |
|
|
I suspect anyone suggesting that an IP be part of the session security has never actually tried it on a large scale.