If you have a support question or comment, click the Post New Topic link below. Sytist Manual | Sytist Articles | Facebook Page.

How To Secure Website Cookies

 
Please log in or Create an account to post or reply to topics.
 
M Davis
246 posts
Sat Oct 21, 17
5:15 PM
I ran a security check on my website from the 1and1 control panel which provided the following.

"Action recommended

"Secure your cookies

"Your website uses unsecured cookies, which can be read via JavaScript. This could allow an attacker, for example, to more easily access customer data in the current user session.

"In most cases, it is not necessary for web applications to access cookies in the browser. Browsers have a built-in feature which allows you to control whether or not a cookie is accessible. To enable this feature, set up the Http-Only flag in the 'Set-Cookie' response header:

"Set-Cookie: MyCookie=MyValue; path=/; HttpOnly

"If you are using PHP, you can set the flag simply by using the setcookie()function. PHP already sets a session cookie itself – you can influnce the behaviour of this by using the session_set_cookie_params()function."

How do I implement the above?
Edited Sat Oct 21, 17 5:15 PM by M Davis
 
 
 
 
 
M. Davis
Tim - PicturesPro.com
9766 posts
admin
Sun Oct 22, 17
10:12 AM
There is no customer information stored in the cookies.
 
 
 
 
 
Tim Grissett, DIA - PicturesPro.com || My Email Address: info@picturespro.com
Loading more pages
Loading more pages

Sign up for email promotions.

Your information is safe with us and won't be shared.

Thank you for signing up!

 
©2003 - 2017 Grissett, LLC. All Rights Reserved.

By continuing to browse or by clicking Accept Cookies, you agree to the storing of cookies on your device necessary to provide you with the services available through our website.

    Accept   Privacy & Cookie Policy
Loading More Photos
Scroll To Top
Close Window
Loading
Close