Do you want to enable secure cookie settings in WordPress?
Securing your WordPress website is essential for online business. Therefore you will want to enable HTTP Strict Transport Security in WordPress as well. We have written in our previous blog how to enable HSTS. Check it out here if you do not checked it yet.
Enable Secure Cookie Setting with HTTPOnly in WordPress
When you enable Really Simple SSL WordPress plugin you will see this warning in the setting page.
Really Simple SSL
To enable this we need to edit wp-config.php file. Login to your web hosting and go to file manager to browser your web files.
Open public_html directory to access all files and there find that file. Right click on it, click on Edit to open in Editor.
Place the following code before /* That’s all, stop editing! Happy blogging. */
@ini_set(‘session.cookie_httponly’, true);
@ini_set(‘session.cookie_secure’, true);
@ini_set(‘session.use_only_cookies’, true);
header(‘X-Frame-Options: SAMEORIGIN’);
Code in wp-config
That’s it! Hit the save changes button to modify the file. And check back in Really Simple SSL setting page.
Comment below if you have any concern.
One thought on “How to Enable Secure Cookie Setting in WordPress”
Does this apply to all cookies of the website?
For example twitter and youtube cookies too?