Hello. I use Asseto server manager on my server.
I tried to run scan to my server with ESET VULNERABILITY ASSESSMENT and there were founded some middle severity vulnerabilities.
First was "Missing 'HttpOnly' Cookie Attribute (HTTP)" and second "Missing 'Secure' Cookie Attribute (HTTP)".
Is possible to secure it? These warns are presented only for this web app. Other websites, which run on Apache are without the problem.
Below I added some report (screenshots) of the scan.
Hello. I use Asseto server manager on my server. I tried to run scan to my server with ESET VULNERABILITY ASSESSMENT and there were founded some middle severity vulnerabilities. First was "Missing 'HttpOnly' Cookie Attribute (HTTP)" and second "Missing 'Secure' Cookie Attribute (HTTP)".
Is possible to secure it? These warns are presented only for this web app. Other websites, which run on Apache are without the problem. Below I added some report (screenshots) of the scan.