How do I fix "Cookie missing Secure"?

Add Secure flag to cookies: Set-Cookie: session=value; Secure; HttpOnly; SameSite=Strict; Path=/

P2 · MediumSecurity

Cookie missing Secure

Cookie sent over HTTP

Code: cookie_missing_secure

Cookie sent over HTTP. Browsers and users expect sites to be secure. Missing protections expose visitors to data theft, phishing, and loss of trust.

Add Secure flag to cookies

http

Set-Cookie: session=value; Secure; HttpOnly; SameSite=Strict; Path=/

HTTPS certificate has expired

Certificate expires in < 7 days

Certificate expires in < 30 days

HTTP does not redirect to HTTPS

HTTPS page loads HTTP resources

Get a complete audit in under 2 minutes. No account required.