This is something you should fix on whatever application is setting the cookie. It probably isn't nginx.
On Tue, Oct 10, 2017 at 10:04 AM, Johann Spies <jsp...@sun.ac.za> wrote: > A security scan on our server showed : > > Vulnerability Detection Method > Details: SSL/TLS: > Missing `secure` Cookie Attribute > OID:1.3.6.1.4.1.25623.1.0.902661 > Version used: > $Revision: 5543 > > This is on Debian 8.9. and nginx 1.6.2-5+deb8u5. > > I am uncertain on how to fix this using standard debian packages. > > Can you help me fixing this please? > > Regards > Johann > > > -- > Johann Spies Telefoon: 021-808 4699 > Databestuurder / Data manager Faks: 021-883 3691 > > Sentrum vir Navorsing oor Evaluasie, Wetenskap en Tegnologie > Centre for Research on Evaluation, Science and Technology > Universiteit Stellenbosch. > > The integrity and confidentiality of this email is governed by these terms > / Hierdie terme bepaal die integriteit en vertroulikheid van hierdie epos. > http://www.sun.ac.za/emaildisclaimer > _______________________________________________ > nginx mailing list > nginx@nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx >
_______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
