https://unaaldia.hispasec.com/2004/01/secuestro-de-sesiones-https-a-traves-de-mod_php-de-apache.html