There are two possible ways to achieve this in Nginx web server.
By using “add_header” directive
An easy way to set cookie flag as HTTPOnly and Secure in Set-Cookie HTTP response header. Take a backup of the necessary configuration file and add the following in nginx.conf under http block.
add_header Set-Cookie "Path=/; HttpOnly; Secure";
Restart Nginx to verify the results
By using proxy_cookie_path
Another alternative option is to add the below syntax in ssl.conf or default.conf
proxy_cookie_path / "/; HTTPOnly; Secure";
Restart the Nginx to see the results
If you are testing Intranet based sites, then you can use “Developer Tools” in Chrome to examine the request headers. However, for Internet-facing, you can use an online HTTP response header checker tool.
As the founder of Geekflare, I’ve helped millions to excel in the digital realm. Passionate about technology, I’m on a mission to explore the world and amplify growth for professionals and businesses alike.