Httponly

  • Resolved angpanday

    (@angpanday)


    1 year, 7 months ago

    I urgently need to have my website fixed. It has a vulnerability issue:

    150123 – Cookie Does Not Contain the ‘HTTPOnly’ Attribute

    I’m currently using the free version. If I upgrade to the paid version, will it fix the problem?

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Support wfpeter

    (@wfpeter)

    1 year, 7 months ago

    Hi @angpanday,

    This doesn’t look like a Wordfence scan result message. Does the message indicate that this concerns a cookie set by Wordfence on your website? If not, it may need to be raised with the plugin developer involved.

    It looks here like Wordfence cookies are set HTTPOnly. It’s possible the message is being thrown about wp-settings-1, which isn’t sensitive, and may need to be read by JavaScript for some of WordPress’ functionality. If a session token or cookie from a plugin containing sensitive information was the cause of the message, it would be important to check.

    Thanks,
    Peter.

Viewing 1 replies (of 1 total)

The topic ‘Httponly’ is closed to new replies.