If you have a support question or comment, click the Post New Topic link below. Sytist Manual | Sytist Articles | Facebook Page.

How To Secure Website Cookies

 
Please log in or Create an account to post or reply to topics.
 
M Davis
Sat Oct 21, 17
5:15 PM
I ran a security check on my website from the 1and1 control panel which provided the following.

"Action recommended

"Secure your cookies

"Your website uses unsecured cookies, which can be read via JavaScript. This could allow an attacker, for example, to more easily access customer data in the current user session.

"In most cases, it is not necessary for web applications to access cookies in the browser. Browsers have a built-in feature which allows you to control whether or not a cookie is accessible. To enable this feature, set up the Http-Only flag in the 'Set-Cookie' response header:

"Set-Cookie: MyCookie=MyValue; path=/; HttpOnly

"If you are using PHP, you can set the flag simply by using the setcookie()function. PHP already sets a session cookie itself – you can influnce the behaviour of this by using the session_set_cookie_params()function."

How do I implement the above?
Edited Sat Oct 21, 17 5:15 PM by M Davis
 
 
 
 
 
M. Davis
Tim - PicturesPro.com
admin
Sun Oct 22, 17
10:12 AM
There is no customer information stored in the cookies.
 
 
 
 
 
Tim Grissett, DIA - PicturesPro.com || My Email Address: info@picturespro.com

Loading more pages
Sign up for email promotions.
Your information is safe with us and won't be shared.
Thank you for signing up!
 
©2003 - 2017 Grissett, LLC. All Rights Reserved.
Loading More Photos
Scroll To Top
Close Window
Loading
Close