Help
FortiWeb
A FortiWeb can be configured to join a Security Fabric through the root or downstream FortiGate.
shafiq23
Staff
Staff

Created on ‎02-26-2024 11:54 PM Edited on ‎02-26-2024 11:54 PM By Community Manager

Article Id 301500

Technical Tip: cookiesession1 secure flag requirement

Description This article describes the requirements of enabling cookiesession1 secure flag attribute.
Scope FortiWeb, FortiWeb-VM.
Solution

Requirement:

  1. HTTPS service is enabled in the server policy:

 

1.png

 

  1. Client management is enabled in the Web Protection Profile.

 

2.png

 

  1. Web Protection Profile is applied in server policy:

 

4.png

 

  1. CLI command 'set internal-cookie-secure enable' is applied in server policy:

 

3.png


Note:

Despite having a Cookie Security profile configured in the Web Protection Profile, the Cookie Secure attribute will not be set to true.

 

Follow the below article to enable and verify the cookiesession1 secure flag:

Technical-Tip: How to enable cookiessession1 with secure flag true 
102
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.