Enforce secure flag on cookies

Securing cookies will not let users log in or make requests over HTTP when enabled. This assists clients to formally pass security PEN tests.

To enforce secure flag on cookies, follow these steps:

1. Open C:\GpsGateServer\Franson NMEA Service\GpsGate.Service.exe.config file (e.g. using Notepad++).

2. In the <appSettings> section, add the following key:

<add key="EnforceSecureCookie" value="true" />

3. Save the file.

4. Open C:\GpsGateServer\IIS\web.config (e.g. using Notepad++).

5. Add the following line inside <system.webServer>:

<system.webServer>
    <httpProtocol>
        <customHeaders>
            <add name="Strict-Transport-Security" value="max-age=31536000"/>
        </customHeaders>
    </httpProtocol>
</system.webServer>

6. Save the file.

7. Restart Franson NMEA service.

Enforce secure flag on cookies

Related articles