Skip to main content

Remediation Steps

Follow the steps below to remediate this finding on Apache webserver.

  1. Ensure mod_headers is enabled:

    sudo a2enmod headers

  2. Add to your VirtualHost or .htaccess:

    Header always edit Set-Cookie (.*) "$1; SameSite=Lax"

  3. Reload Apache:

    sudo systemctl reload apache2
Back to top