Enforce secure flag on cookies

When enabled, securing cookies will prevent users from logging in or making requests over HTTP. This assists clients in formally passing security PEN tests.

To enforce a secure flag on cookies, follow these steps:

1. Open C:\GpsGateServer\Franson NMEA Service\GpsGate.Service.exe.config file (e.g. using Notepad++).

2. In the <appSettings> section, add the following key:

<add key="EnforceSecureCookie" value="true" />

3. Save the file.

4. Open C:\GpsGateServer\IIS\web.config (e.g. using Notepad++).

5. Add the following line inside <system.webServer>:

<system.webServer>
    <httpProtocol>
        <customHeaders>
            <add name="Strict-Transport-Security" value="max-age=31536000"/>
        </customHeaders>
    </httpProtocol>
</system.webServer>

6. Save the file.

7. Restart Franson NMEA service.

Enforce secure flag on cookies

Related articles