Secure Cookies - Failed PCI scan.

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.

Total Posts: 67
Karma: 465
Joined: 8/13/2014
Location: United Kingdom

Posted: 6 years ago

We have a site running on V3.6 that has failed a WorldPay PCI scan by SYSNET for not delivering secure cookies. The whole site runs on https secure URLS with a redirect from non-SLL to SSL. How do we redirect the cookies to be delivered via SSL? Thank you, James

jamesg

Total Posts: 67
Karma: 465
Joined: 8/13/2014
Location: United Kingdom

Posted: 6 years ago

I have been informed it is a simple task of adding to the web.config file under <system.web>, the following <httpCookies requireSSL="true" />.
Does anyone have any knowledge if this is correct? Any help is appreciated. Many thanks.

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.

Still have questions or need help?

. Premium support services . Get dedicated support from the nopCommerce team with a guaranteed response within 24 hours.

. Online course for developers . Get the practical and technical skills you need to run and customize nopCommerce websites.