We are experiencing a problem after the adoption of nginx as a server (apache had before).
It turns out that we are seeing many cases of clients that access data from other users in the session. This is because the login system (PHP) are stored in cookies. These cookies are being "shared" in computers on the same corporate network.
We realize that this problem only happens for several customers who are on the same network - that is, have the same external IP shared via single access point(NAT).
We've tried to do much to avoid the problem by adding validations and hash on cookies, but eventually realized that our server simply can not store cookies properly, and for the same network multiple machines share the cookie, which must be just a browser .
We are not sure if the problem is in NGINX, but we suspect it before the migration of APACHE -> nginx does not have the problem.
Is there some setting that can be done to remedy this problem?
Thanks for the help!