• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion
  • Inviting everyone to the UX test of a new security feature in the WP Toolkit
    For WordPress site owners, threats posed by hackers are ever-present. Because of this, we are developing a new security feature for the WP Toolkit. If the topic of WordPress website security is relevant to you, we would be grateful if you could share your experience and help us test the usability of this feature. We invite you to join us for a 1-hour online session via Google Meet. Select a convenient meeting time with our friendly UX staff here.

Resolved Web Application Cookies Lack Secure Flag and HttpOnly Flag

Martin73

Martin73

Basic Pleskian
I am using the service ScanMyServer from Beyond Security for my Nextcloud server. Since a few weeks i get the following message:
Web Application Cookies Lack Secure Flag

The following cookie does do not have the Secure cookie flag:
Cookie name: SameSite, Path: /, Secure Flag: 0
Click to expand...
Web Application Cookies Lack HttpOnly Flag

The following cookies do do not have set the HttpOnly cookie flag:
Cookie name: __Host-nc_sameSiteCookielax, Path: /, HttpOnly Flag: 0
Cookie name: __Host-nc_sameSiteCookiestrict, Path: /, HttpOnly Flag: 0
Cookie name: SameSite, Path: /, HttpOnly Flag: 0
Click to expand...

I have activated SSL/TLS support and SEO-safe permanent 301 redirect to https.
I'm not sure, is this now a server issue or an issue of Nextcloud? Security & setup warnings of Nextcloud is telling me: All checks passed.

OS ‪Ubuntu 18.04.2 LTS‬
Plesk Onyx 17.8.11
 

Attachments

  • Plesk_Security.PNG
    Plesk_Security.PNG
    5.8 KB · Views: 24
You must log in or register to reply here.

Similar threads

D
Input How to run Magento 2 on Plesk Obsidian 18 without Docker
Replies
6
Views
3K
WebHostingAce
WebHostingAce
B
Forwarded to devs Wordpress toolkit - odd behavior: Change of preferred domain triggers password change and makes admin interface inaccessible
Replies
2
Views
2K
IgorG
IgorG
I
Issue Issue with Docker Proxy / Forwarding a Subdomain to a Docker Container
Replies
0
Views
3K
Illiminator31
I
S
Issue Redirect from www. to non-www and http to https with Plesk Obsidian Apache / Nginx Cloudflare
Replies
5
Views
5K
trialotto
T
S
Resolved Redirection Issues Website
Replies
6
Views
6K
Sally1
S
Back
Top