Description

You can require the forms authentication cookie from your Web-based applications to use SSL. By setting the requireSSL attribute of the element to true, ASP.NET applications will use a secure connection when transmitting the authentication cookies to the Web server.

Remediation

To require SSL for authentication cookies, set the value of the requireSSL attribute of the element to true.

Example:

Related Vulnerabilities