{"id":1134,"date":"2025-01-19T17:27:23","date_gmt":"2025-01-19T14:27:23","guid":{"rendered":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\/"},"modified":"2025-01-19T17:27:23","modified_gmt":"2025-01-19T14:27:23","slug":"enhancing-cookie-security-on-linux-servers-with-httponly-flags","status":"publish","type":"post","link":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\/","title":{"rendered":"Enhancing Cookie Security on Linux Servers with HTTPOnly Flags"},"content":{"rendered":"


\n<\/p>\n

With ever-increasing concerns around web security, protecting user data has never been more crucial. One vital component in safeguarding sensitive information is the secure management of cookies, particularly through the use of HTTPOnly flags. In this article, we will explore the significance of HTTPOnly flags for cookies, how they work, and how to implement them on your Linux servers.<\/p>\n

<\/p>\n

Understanding Cookies and Their Vulnerabilities<\/h2>\n

<\/p>\n

Cookies are small pieces of data stored on a user’s computer by their web browser while browsing a website. They serve a variety of functions, including maintaining user sessions, storing user preferences, and tracking user behavior. However, cookies can be vulnerable to several types of attacks, such as Cross-Site Scripting (XSS), where malicious scripts can manipulate or access cookies without the user\u2019s consent.<\/p>\n

<\/p>\n

What is the HTTPOnly Flag?<\/h3>\n

<\/p>\n

The HTTPOnly flag is an HTTP response header that can be set to prevent client-side scripts (like JavaScript) from accessing specific cookies. By adding this flag, you help ensure that cookies remain accessible only to the server, significantly reducing the risk of XSS attacks. When a cookie has the HTTPOnly attribute, it instructs the browser not to allow any scripts to access this cookie, thus enhancing its security.<\/p>\n

<\/p>\n

Benefits of HTTPOnly Cookies<\/h2>\n

<\/p>\n

    <\/p>\n
  1. \n

    Reduced Risk of XSS Attacks<\/strong>: By preventing scripts from accessing cookies, the HTTPOnly flag mitigates the risk that an attacker could hijack a user’s session via cross-site scripting.<\/p>\n

    \n<\/li>\n

    <\/p>\n

  2. \n

    Improved User Privacy<\/strong>: Securing cookies helps protect user data and privacy, allowing users to browse your site without the fear of personal data theft.<\/p>\n

    \n<\/li>\n

    <\/p>\n

  3. Better Compliance with Security Standards<\/strong>: Many regulatory frameworks require robust data protection measures, and implementing HTTPOnly flags helps meet these requirements.<\/li>\n

    \n<\/ol>\n

    <\/p>\n

    Implementing HTTPOnly Flags on Linux Servers<\/h2>\n

    <\/p>\n

    To enable HTTPOnly flags for your cookies on a Linux server, you typically need to modify your web server’s configuration. Below are steps for doing this with popular web servers like Apache and Nginx.<\/p>\n

    <\/p>\n

    1. Apache Server<\/h3>\n

    <\/p>\n

    If you\u2019re using an Apache server, you can set the HTTPOnly flag for cookies using the Header<\/code> directive. Follow these steps:<\/p>\n

    <\/p>\n

      <\/p>\n
    1. \n

      Find your Apache configuration file. This is often located at \/etc\/httpd\/conf\/httpd.conf<\/code> or \/etc\/apache2\/apache2.conf<\/code>.<\/p>\n

      \n<\/li>\n

      <\/p>\n

    2. \n

      Open the configuration file in your favorite text editor:<\/p>\n

      <\/p>\n

      sudo nano \/etc\/apache2\/apache2.conf<\/code><\/pre>\n
      \n<\/li>\n
      <\/p>\n
    3. \n
      Add the following lines within a relevant <Directory><\/code> or <VirtualHost><\/code> block:<\/p>\n
      <\/p>\n
      Header edit Set-Cookie ^(.*)$ \"$1; HttpOnly\"<\/code><\/pre>\n
      \n<\/li>\n
      <\/p>\n
    4. \n
      Save your changes and exit the editor.<\/p>\n
      \n<\/li>\n
      <\/p>\n
    5. Restart Apache to apply the changes:\n
      sudo systemctl restart apache2<\/code><\/pre>\n<\/li>\n
      \n<\/ol>\n
      <\/p>\n
      2. Nginx Server<\/h3>\n
      <\/p>\n
      For Nginx, setting the HTTPOnly flag can be done in the server block of your configuration file. Here’s how:<\/p>\n
      <\/p>\n
        <\/p>\n
      1. \n
        Locate your Nginx configuration file, often found at \/etc\/nginx\/nginx.conf<\/code> or within \/etc\/nginx\/sites-available\/<\/code>.<\/p>\n
        \n<\/li>\n
        <\/p>\n
      2. \n
        Open the configuration file:<\/p>\n
        <\/p>\n
        sudo nano \/etc\/nginx\/nginx.conf<\/code><\/pre>\n
        \n<\/li>\n
        <\/p>\n
      3. \n
        In your server block, add the following directive to set the HTTPOnly flag:<\/p>\n
        <\/p>\n
        add_header Set-Cookie \"your_cookie_name=your_cookie_value; HttpOnly\";<\/code><\/pre>\n
        \n<\/li>\n
        <\/p>\n
      4. \n
        Save the file and exit the editor.<\/p>\n
        \n<\/li>\n
        <\/p>\n
      5. \n
        Test your Nginx configuration for syntax errors:<\/p>\n
        <\/p>\n
        sudo nginx -t<\/code><\/pre>\n
        \n<\/li>\n
        <\/p>\n
      6. If the configuration is valid, restart Nginx:\n
        sudo systemctl restart nginx<\/code><\/pre>\n<\/li>\n
        \n<\/ol>\n
        <\/p>\n
        3. Using Application Frameworks<\/h3>\n
        <\/p>\n
        If you are using an application framework (like Node.js, Django, or Flask), you can typically set the HTTPOnly attribute within your application code. Here\u2019s a quick example for Node.js:<\/p>\n
        <\/p>\n
        res.cookie('my_cookie', 'cookie_value', { httpOnly: true });<\/code><\/pre>\n
        <\/p>\n
        Conclusion<\/h2>\n
        <\/p>\n
        Enhancing cookie security on your Linux servers using HTTPOnly flags is a straightforward yet effective method to reduce vulnerabilities associated with cookie manipulation and theft. With a minimal configuration effort, you can significantly improve your web application’s resilience against security threats. As cyber threats evolve, so should our security practices. Making HTTPOnly cookies a standard practice is a step in the right direction toward safeguarding user data.<\/p>\n
        <\/p>\n
        Make it a priority to regularly update your security practices and stay informed about the latest vulnerabilities and solutions in web development and server management. By taking proactive measures like implementing HTTPOnly flags, you’re not just protecting your users\u2014you’re building trust in your web applications.<\/p>\n\n","protected":false},"excerpt":{"rendered":"
        With ever-increasing concerns around web security, protecting user data has never been more crucial. One vital component in safeguarding sensitive information is the secure management of cookies, particularly through the use of HTTPOnly flags. In this article, we will explore the significance of HTTPOnly flags for cookies, how they work, and how to implement them […]<\/p>\n","protected":false},"author":2,"featured_media":1135,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","inline_featured_image":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[22],"tags":[760,290,762,761,265,291,302],"class_list":["post-1134","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux-security","tag-cookie","tag-enhancing","tag-flags","tag-httponly","tag-linux","tag-security","tag-servers","et-has-post-format-content","et_post_format-et-post-format-standard"],"yoast_head":"\nEnhancing Cookie Security on Linux Servers with HTTPOnly Flags - WafaTech Blogs<\/title>\n<meta name=\"description\" content=\"Enhancing Cookie Security on Linux Servers with HTTPOnly Flags %\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Enhancing Cookie Security on Linux Servers with HTTPOnly Flags\" \/>\n<meta property=\"og:description\" content=\"Enhancing Cookie Security on Linux Servers with HTTPOnly Flags %\" \/>\n<meta property=\"og:url\" content=\"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\/\" \/>\n<meta property=\"og:site_name\" content=\"WafaTech Blogs\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/people\/WafaTech\/61560546351289\/\" \/>\n<meta property=\"article:published_time\" content=\"2025-01-19T14:27:23+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/wafatech.sa\/blog\/wp-content\/uploads\/2024\/06\/logo_big.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"2221\" \/>\n\t<meta property=\"og:image:height\" content=\"482\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"WafaTech SA\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@wafatech_sa\" \/>\n<meta name=\"twitter:site\" content=\"@wafatech_sa\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"WafaTech SA\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":[\"Article\",\"BlogPosting\"],\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\\\/\"},\"author\":{\"name\":\"WafaTech SA\",\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#\\\/schema\\\/person\\\/1a5761fc0feb63ab59d295d7c2648f06\"},\"headline\":\"Enhancing Cookie Security on Linux Servers with HTTPOnly Flags\",\"datePublished\":\"2025-01-19T14:27:23+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\\\/\"},\"wordCount\":619,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/01\\\/Enhancing-Cookie-Security-on-Linux-Servers-with-HTTPOnly-Flags.png\",\"keywords\":[\"Cookie\",\"Enhancing\",\"Flags\",\"HTTPOnly\",\"Linux\",\"Security\",\"Servers\"],\"articleSection\":[\"Linux Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\\\/\",\"url\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\\\/\",\"name\":\"Enhancing Cookie Security on Linux Servers with HTTPOnly Flags - WafaTech Blogs\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/01\\\/Enhancing-Cookie-Security-on-Linux-Servers-with-HTTPOnly-Flags.png\",\"datePublished\":\"2025-01-19T14:27:23+00:00\",\"description\":\"Enhancing Cookie Security on Linux Servers with HTTPOnly Flags %\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\\\/#primaryimage\",\"url\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/01\\\/Enhancing-Cookie-Security-on-Linux-Servers-with-HTTPOnly-Flags.png\",\"contentUrl\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/01\\\/Enhancing-Cookie-Security-on-Linux-Servers-with-HTTPOnly-Flags.png\",\"width\":1024,\"height\":1024,\"caption\":\"linux server cookie security with HTTPOnly flags\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Enhancing Cookie Security on Linux Servers with HTTPOnly Flags\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/\",\"name\":\"WafaTech Blogs\",\"description\":\"Smart Technologies\",\"publisher\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#organization\"},\"alternateName\":\"WafaTech\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#organization\",\"name\":\"WafaTech Blogs\",\"alternateName\":\"WafaTech\",\"url\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/06\\\/logo_big.webp\",\"contentUrl\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/06\\\/logo_big.webp\",\"width\":2221,\"height\":482,\"caption\":\"WafaTech Blogs\"},\"image\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/people\\\/WafaTech\\\/61560546351289\\\/\",\"https:\\\/\\\/x.com\\\/wafatech_sa\",\"https:\\\/\\\/www.youtube.com\\\/@wafatech-sa\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/wafatech\\\/\"],\"description\":\"WafaTech, a leading Saudi IT services provider, specializes in cloud solutions, connectivity, and ICT services. Offering secure cloud infrastructure, high-speed internet, and ICT solutions like hosting, backup, and disaster recovery, WafaTech operates a Tier 3 data center at KAUST with ISO certifications. Regulated by CST, the company is committed to innovation, security, and customer satisfaction, empowering businesses in the digital age.\",\"email\":\"sales@wafatech.sa\",\"legalName\":\"Al-Wafa Al-Dhakia For Information Technology LLC\",\"foundingDate\":\"2013-01-08\",\"numberOfEmployees\":{\"@type\":\"QuantitativeValue\",\"minValue\":\"11\",\"maxValue\":\"50\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#\\\/schema\\\/person\\\/1a5761fc0feb63ab59d295d7c2648f06\",\"name\":\"WafaTech SA\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/fde877f001a2e0497276edc0684d3ba2a416c0de8caeb8e785076a1b1b932b3a?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/fde877f001a2e0497276edc0684d3ba2a416c0de8caeb8e785076a1b1b932b3a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/fde877f001a2e0497276edc0684d3ba2a416c0de8caeb8e785076a1b1b932b3a?s=96&d=mm&r=g\",\"caption\":\"WafaTech SA\"},\"url\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/author\\\/omer-yaseen\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Enhancing Cookie Security on Linux Servers with HTTPOnly Flags - WafaTech Blogs","description":"Enhancing Cookie Security on Linux Servers with HTTPOnly Flags %","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\/","og_locale":"en_US","og_type":"article","og_title":"Enhancing Cookie Security on Linux Servers with HTTPOnly Flags","og_description":"Enhancing Cookie Security on Linux Servers with HTTPOnly Flags %","og_url":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\/","og_site_name":"WafaTech Blogs","article_publisher":"https:\/\/www.facebook.com\/people\/WafaTech\/61560546351289\/","article_published_time":"2025-01-19T14:27:23+00:00","og_image":[{"width":2221,"height":482,"url":"https:\/\/wafatech.sa\/blog\/wp-content\/uploads\/2024\/06\/logo_big.webp","type":"image\/webp"}],"author":"WafaTech SA","twitter_card":"summary_large_image","twitter_creator":"@wafatech_sa","twitter_site":"@wafatech_sa","twitter_misc":{"Written by":"WafaTech SA","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":["Article","BlogPosting"],"@id":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\/#article","isPartOf":{"@id":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\/"},"author":{"name":"WafaTech SA","@id":"https:\/\/wafatech.sa\/blog\/#\/schema\/person\/1a5761fc0feb63ab59d295d7c2648f06"},"headline":"Enhancing Cookie Security on Linux Servers with HTTPOnly Flags","datePublished":"2025-01-19T14:27:23+00:00","mainEntityOfPage":{"@id":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\/"},"wordCount":619,"commentCount":0,"publisher":{"@id":"https:\/\/wafatech.sa\/blog\/#organization"},"image":{"@id":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\/#primaryimage"},"thumbnailUrl":"https:\/\/wafatech.sa\/blog\/wp-content\/uploads\/2025\/01\/Enhancing-Cookie-Security-on-Linux-Servers-with-HTTPOnly-Flags.png","keywords":["Cookie","Enhancing","Flags","HTTPOnly","Linux","Security","Servers"],"articleSection":["Linux Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/wafatech.sa\/blog\/linux\/linux-security\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\/","url":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\/","name":"Enhancing Cookie Security on Linux Servers with HTTPOnly Flags - WafaTech Blogs","isPartOf":{"@id":"https:\/\/wafatech.sa\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\/#primaryimage"},"image":{"@id":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\/#primaryimage"},"thumbnailUrl":"https:\/\/wafatech.sa\/blog\/wp-content\/uploads\/2025\/01\/Enhancing-Cookie-Security-on-Linux-Servers-with-HTTPOnly-Flags.png","datePublished":"2025-01-19T14:27:23+00:00","description":"Enhancing Cookie Security on Linux Servers with HTTPOnly Flags %","breadcrumb":{"@id":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/wafatech.sa\/blog\/linux\/linux-security\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\/#primaryimage","url":"https:\/\/wafatech.sa\/blog\/wp-content\/uploads\/2025\/01\/Enhancing-Cookie-Security-on-Linux-Servers-with-HTTPOnly-Flags.png","contentUrl":"https:\/\/wafatech.sa\/blog\/wp-content\/uploads\/2025\/01\/Enhancing-Cookie-Security-on-Linux-Servers-with-HTTPOnly-Flags.png","width":1024,"height":1024,"caption":"linux server cookie security with HTTPOnly flags"},{"@type":"BreadcrumbList","@id":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/enhancing-cookie-security-on-linux-servers-with-httponly-flags\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/wafatech.sa\/blog\/"},{"@type":"ListItem","position":2,"name":"Enhancing Cookie Security on Linux Servers with HTTPOnly Flags"}]},{"@type":"WebSite","@id":"https:\/\/wafatech.sa\/blog\/#website","url":"https:\/\/wafatech.sa\/blog\/","name":"WafaTech Blogs","description":"Smart Technologies","publisher":{"@id":"https:\/\/wafatech.sa\/blog\/#organization"},"alternateName":"WafaTech","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/wafatech.sa\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/wafatech.sa\/blog\/#organization","name":"WafaTech Blogs","alternateName":"WafaTech","url":"https:\/\/wafatech.sa\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/wafatech.sa\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/wafatech.sa\/blog\/wp-content\/uploads\/2024\/06\/logo_big.webp","contentUrl":"https:\/\/wafatech.sa\/blog\/wp-content\/uploads\/2024\/06\/logo_big.webp","width":2221,"height":482,"caption":"WafaTech Blogs"},"image":{"@id":"https:\/\/wafatech.sa\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/people\/WafaTech\/61560546351289\/","https:\/\/x.com\/wafatech_sa","https:\/\/www.youtube.com\/@wafatech-sa","https:\/\/www.linkedin.com\/company\/wafatech\/"],"description":"WafaTech, a leading Saudi IT services provider, specializes in cloud solutions, connectivity, and ICT services. Offering secure cloud infrastructure, high-speed internet, and ICT solutions like hosting, backup, and disaster recovery, WafaTech operates a Tier 3 data center at KAUST with ISO certifications. Regulated by CST, the company is committed to innovation, security, and customer satisfaction, empowering businesses in the digital age.","email":"sales@wafatech.sa","legalName":"Al-Wafa Al-Dhakia For Information Technology LLC","foundingDate":"2013-01-08","numberOfEmployees":{"@type":"QuantitativeValue","minValue":"11","maxValue":"50"}},{"@type":"Person","@id":"https:\/\/wafatech.sa\/blog\/#\/schema\/person\/1a5761fc0feb63ab59d295d7c2648f06","name":"WafaTech SA","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/fde877f001a2e0497276edc0684d3ba2a416c0de8caeb8e785076a1b1b932b3a?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/fde877f001a2e0497276edc0684d3ba2a416c0de8caeb8e785076a1b1b932b3a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/fde877f001a2e0497276edc0684d3ba2a416c0de8caeb8e785076a1b1b932b3a?s=96&d=mm&r=g","caption":"WafaTech SA"},"url":"https:\/\/wafatech.sa\/blog\/author\/omer-yaseen\/"}]}},"jetpack_featured_media_url":"https:\/\/wafatech.sa\/blog\/wp-content\/uploads\/2025\/01\/Enhancing-Cookie-Security-on-Linux-Servers-with-HTTPOnly-Flags.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/posts\/1134","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/comments?post=1134"}],"version-history":[{"count":0,"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/posts\/1134\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/media\/1135"}],"wp:attachment":[{"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/media?parent=1134"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/categories?post=1134"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/tags?post=1134"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}