I am working on asp.net application in asp.net technology the application is very old around 10 years back.
I am using this configuration in web.config:
<sessionState mode="StateServer" stateConnectionString="tcp
.1:42424" cookieless="UseCookies" timeout="20" cookieName ="DrainId"/>
As we know that Session hijacking means if someone steal/copy session cookie
and paste it another browser then the one can access any inner page of the web application.
how can we stop the session hijacking so that if session cookie is pasted in another browser we can redirect such request to the login page.