What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

How to set the "secure" flag for session cookies?

Votes:

0

I want to make sure that session-related cookie data is sent over secure channels. How can I do this?

cookie prtg reghack security session

Created on Mar 25, 2021 9:49:36 AM by Brandy Greger [Paessler Support]

Last change on Mar 25, 2021 10:59:31 AM by Brandy Greger [Paessler Support]



1 Reply

Votes:

0

This article applies as of PRTG 20.3.60

Force "secure" flag for HTTP cookies

As of PRTG 20.3.60, PRTG provides the option to force the "secure" flag for HTTP cookies. The corresponding registry key option allows you to do this. It is not mandatory, however, if you do not configure the registry hack, cookies will not have the "secure" flag set. Forcing the flag is especially necessary if you use SSL offloading.

Important: If you enable this registry hack, clients that reach the PRTG web server without HTTPS, either directly or behind the load balancer, will not be able to stay logged in to PRTG because the authentication cookie will not work.

Steps to take

Caution: Back up your system before you manipulate the Windows registry!

  1. Open the registry editor and navigate to the following key:
    1. On a 64-bit Windows system, navigate to HKEY_LOCAL_MACHINE\Software\Wow6432Node\Paessler\PRTG Network Monitor\Server\Webserver
    2. On a 32-bit Windows version, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Paessler\PRTG Network Monitor\Server\Webserver
  2. Create a new DWORD value:
    1. In the current path, right-click to open the context menu.
    2. Select New | DWORD.
    3. Name the new value forceCookiesSecure.
  3. Set the value of forceCookiesSecure:
    1. Right-click forceCookiesSecure .
    2. Select Modify.
    3. Under Value data, enter 1.
    4. Confirm with OK.
  4. Restart the PRTG core server to activate the settings.

PRTG now forces the "secure" flag for HTTP cookies.

Created on Mar 25, 2021 10:03:39 AM by Brandy Greger [Paessler Support]

Last change on Mar 25, 2021 11:00:21 AM by Brandy Greger [Paessler Support]




Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.