Home/ Questions/Q 9159535
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-17T13:31:00+00:00

I can’t find any reference to the Security.level configuration setting from Cake 1.3 in

  • 0

I can’t find any reference to the Security.level configuration setting from Cake 1.3 in the CakePHP 2.2 manual.

I also can’t find any reference to this setting in the migration guide.

This setting had a big impact on the session timer in Cake 1.3.

Security.level

The level of CakePHP security. The session timeout time defined in ‘Session.timeout’ is multiplied according to the settings here.

‘high’ = x 10 ‘medium’ = x 100 ‘low’ = x 300 ‘high’ and ‘medium’ also enable session.referer_check

Has this setting in the config.php of an application been removed in CakePHP 2.x?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    No the setting has not been removed

    It still exists in core.php

    /**
 * The level of CakePHP security.
 */
Configure::write('Security.level', 'medium');

    But…

    It’s not used in 2.x.

    The only reference to this setting is in Security::inactiveMins – which isn’t called by anything else. Therefore, while there is still an artefact of this setting left over in 2.x, the intention of this setting has been removed and hence it’s not in the 2.x docs.

    • 0