What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general. You are invited to get involved by asking and answering questions!

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
300.000 administrators have chosen PRTG to monitor their network. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

How to set the "secure" flag for session cookies?

Votes:

0

Your Vote:

Up

Down

I want to make sure that session-related cookie data is sent over secure channels. How can I do this?

cookie prtg reghack security session

Created on Mar 25, 2021 9:49:36 AM by  Brandy Greger [Paessler Support]

Last change on Mar 25, 2021 10:59:31 AM by  Brandy Greger [Paessler Support]



1 Reply

Votes:

0

Your Vote:

Up

Down

This article applies as of PRTG 20.3.60

Force "secure" flag for HTTP cookies

As of PRTG 20.3.60, PRTG provides the option to force the "secure" flag for HTTP cookies. The corresponding registry key option allows you to do this. It is not mandatory, however, if you do not configure the registry hack, cookies will not have the "secure" flag set. Forcing the flag is especially necessary if you use SSL offloading.


Important: If you enable this registry hack, clients that reach the PRTG web server without HTTPS, either directly or behind the load balancer, will not be able to stay logged in to PRTG because the authentication cookie will not work.


Steps to take

Caution: Back up your system before you manipulate the Windows registry!

  1. Open the registry editor and navigate to the following key:
    1. On a 64-bit Windows system, navigate to HKEY_LOCAL_MACHINE\Software\Wow6432Node\Paessler\PRTG Network Monitor\Server\Webserver
    2. On a 32-bit Windows version, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Paessler\PRTG Network Monitor\Server\Webserver
  2. Create a new DWORD value:
    1. In the current path, right-click to open the context menu.
    2. Select New | DWORD.
    3. Name the new value forceCookiesSecure.
  3. Set the value of forceCookiesSecure:
    1. Right-click forceCookiesSecure .
    2. Select Modify.
    3. Under Value data, enter 1.
    4. Confirm with OK.
  4. Restart the PRTG core server to activate the settings.

PRTG now forces the "secure" flag for HTTP cookies.

Created on Mar 25, 2021 10:03:39 AM by  Brandy Greger [Paessler Support]

Last change on Mar 25, 2021 11:00:21 AM by  Brandy Greger [Paessler Support]



Please log in or register to enter your reply.


Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.