How to Enable Secure Cookie Setting

How to Enable Secure Cookie Setting in WordPress


Do you want to enable secure cookie settings in WordPress?

Securing your WordPress website is essential for online business. Therefore you will want to enable HTTP Strict Transport Security in WordPress as well. We have written in our previous blog how to enable HSTS. Check it out here if you do not checked it yet.

Enable Secure Cookie Setting with HTTPOnly in WordPress

When you enable Really Simple SSL WordPress plugin you will see this warning in the setting page.

Really Simple SSL

Really Simple SSL

To enable this we need to edit wp-config.php file. Login to your web hosting and go to file manager to browser your web files.

Open public_html directory to access all files and there find that file. Right click on it, click on Edit to open in Editor.

Place the following code before /* That’s all, stop editing! Happy blogging. */

@ini_set(‘session.cookie_httponly’, true);


@ini_set(‘session.cookie_secure’, true);

@ini_set(‘session.use_only_cookies’, true);

header(‘X-Frame-Options: SAMEORIGIN’);

Code in wp-config

Code in wp-config

That’s it! Hit the save changes button to modify the file. And check back in Really Simple SSL setting page.

Comment below if you have any concern.


Anwer Ashif

Anwer Ashif

Founder of RainaStudio. Help businesses and individuals to create and outstand their online presence. Our success rate is measurable. Our blog served all around the world and counting.

One thought on “How to Enable Secure Cookie Setting in WordPress

Leave a Reply

Your email address will not be published. Required fields are marked *