Trouble disabling suhosin encrypt on server

Hi, I have the " whoops session expired" syndrome.
On searching the forum, i came across a fix a .htaccess file

Code:

php_flag suhosin.session.encrypt off

i asked my host if it was alright to place this file in the root dir?
They've replied with this:
"As per suggested, suhosin.session.encrypt has been disabled for your domain."
My question is, will this do the same as the .htaccess file, and will harm Zen-cart operation?

My host is; eukhost
The site is installed on a linux server

Many thanks for in advance for you assistance

Soul39

Weii, after they did their stuff, i tested the site, went through a checkout, no "whoops" , so, i guess everything is ok for now.
But, should i still place the .htaccess file in the root dir, will it stop this from ever happening again.

code:
php_flag suhosin.session.encrypt off

Soul39

Quote:

---

Originally Posted by Soul39

But, should i still place the .htaccess file in the root dir, will it stop this from ever happening again.

---

You could, but it would be unnecessary if your host has already taken care of it for you.

That (.htaccess) will only work if you are using mod_php which you can find out by going into

admin > Server version/ info

if you see anything that mentioned php-cgi or fast-cgi or suExec (possiblly mod_suPHP), then you would need a php.ini file in every folder where php was running and that is if the host allowed you that option. You'd need to be able to copy the main host's php.ini too (it would be listed in the version info) and you may not have access to that file due to security restrictions.

Matt.

Yes,
but, what if they tinker again, and the problem reoccurs?
Is it not best to have something in place to prevent it?

Matt,
all that sounds a bit complicated, mate. So, i guess i will leave as is, if it's not broken, and all that.
But, i will try to have a look at the server info you mentioned.

Soul39