Setting Secure Cookie Attributes in Nginx
Securing your cookies is crucial for protecting user data and preventing security vulnerabilities. Follow these steps to set secure cookie attributes in your Nginx web server.
Step 1: Edit Nginx Configuration
Edit your Nginx configuration file, which is typically located at /etc/nginx/nginx.conf or /etc/nginx/sites-available/default.
sudo nano /etc/nginx/nginx.conf
Step 2: Add Cookie Attributes
Insert the following lines at the appropriate location in your Nginx configuration file to set secure cookie attributes:
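server {
    # Other server configurations...
    location / {
        # Other location configurations...
        # Set secure cookie attributes on cookies issued by the proxied backend
        # (proxy_cookie_flags requires nginx 1.19.3 or later)
        proxy_cookie_flags ~ httponly secure;
    }
}
This configuration adds the 'HttpOnly' attribute, preventing JavaScript access to the cookie, and the 'Secure' attribute, ensuring the cookie is only sent over HTTPS connections. It uses proxy_cookie_flags rather than add_header Set-Cookie "HttpOnly;Secure", because add_header only emits an additional Set-Cookie header and does not change the attributes of the cookies your application sets. proxy_cookie_flags rewrites the Set-Cookie headers that pass through proxy_pass, so it applies when Nginx acts as a reverse proxy in front of the application.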
Step 3: Save and Reload Nginx
Save your changes and reload Nginx to apply the new configuration:
sudo systemctl reload nginx
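To confirm the result after the reload, the following added example (not part of the original page) audits the Set-Cookie headers of a response and reports cookies that lack HttpOnly or Secure, as well as Set-Cookie headers that carry attributes but no name=value pair. The function names and the sample headers are constructed for illustration; in practice the input would be the output of something like curl -sI against your own site.

```shell
#!/bin/sh
# Reads raw HTTP response headers on stdin and prints one verdict per Set-Cookie header.
audit_cookies() {
  awk '
    tolower($0) ~ /^set-cookie:/ {
      line = $0
      sub(/\r$/, "", line)               # strip CR from CRLF line endings
      sub(/^[^:]*:[ \t]*/, "", line)     # drop the header name
      n = split(line, part, ";")
      first = part[1]
      gsub(/^[ \t]+|[ \t]+$/, "", first)
      # RFC 6265: a set-cookie-string with no equals sign or an empty name is ignored.
      eq = index(first, "=")
      if (eq < 2) { print "MALFORMED " line; next }
      name = substr(first, 1, eq - 1)
      httponly = 0; secure = 0
      for (i = 2; i <= n; i++) {
        attr = tolower(part[i])          # attribute names are case-insensitive
        gsub(/^[ \t]+|[ \t]+$/, "", attr)
        if (attr == "httponly") httponly = 1
        if (attr == "secure") secure = 1
      }
      missing = ""
      if (!httponly) missing = missing " HttpOnly"
      if (!secure) missing = missing " Secure"
      if (missing == "") print "OK " name
      else print "MISSING " name ":" missing
    }
  '
}

# Constructed sample response headers (not captured from a real server).
sample_headers() {
  printf '%s\r\n' \
    'HTTP/1.1 200 OK' \
    'Set-Cookie: sessionid=abc123; Path=/; HttpOnly; Secure' \
    'Set-Cookie: theme=dark; Path=/' \
    'set-cookie: csrftoken=xyz; Path=/; secure' \
    'Set-Cookie: HttpOnly;Secure'
}

# Demo run on the constructed sample; replace with: curl -sI https://example.com/ | audit_cookies
sample_headers | audit_cookies
```

Any MISSING or MALFORMED line means the corresponding cookie is not protected as intended and the configuration should be rechecked.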