Trying to Get PCI Compliant and get error "Sensitive Cookie Missin

[Guest]

Hi Everyone,

 

I am trying to get my site and cart PCI Compliant (secure credit card transactions) and am using McAfee Secure.

 

I am not getting this message: "Sensitive Cookie Missing 'HTTPONLY' Attribute" which means there is a security risk and something I have to fix.

 

Anyone heard of this, know how to fix?  My CubeCart is hosted on Bluehost.

 

Thanks.

Patrice

 

[Dirty Butter]

Someone who might be able to help you resolve this will need to know about your setup. Please create your signature with as much pertinent info as possible.

[bsmither]

The latest versions of CubeCart 5 sends the word httponly in the cookie. Note that it is lower-case. I have no knowledge if letter-case makes a difference.

[Guest]

HI, I have version 5.1.3 and this version gets the error.

 

The fix, according to McAfee is: "Set the "HTTPONLY" flag for cookies containing sensitive information, particularly session tokens."

 

Have no idea how to do this.

 

The latest versions of CubeCart 5 sends the word httponly in the cookie. Note that it is lower-case. I have no knowledge if letter-case makes a difference.

Hi,

 

What other info are you referring to?

 

I have version 5.1.3.  It rests on Bluehost's servers.

 

Thanks.

 

Someone who might be able to help you resolve this will need to know about your setup. Please create your signature with as much pertinent info as possible.

[Dirty Butter]

You can find your server information on Admin/Dashboard/Store Overview. Knowing the CC version may be enough information to solve this, but I'm not knowledgeable enough to know if it is or not. And you may have issues in the future that could be resolved faster by not having to ask about your version of PHP and Server Software. Also it helps at times to know if this is a clean install or an upgrade and if so, from what. Having the link to your store can be helpful, too.