Having HTTPOnly and Secure in HTTP response header can help to protect your web applications from cross-site scripting and session manipulation attacks. Here is how to configure HTTPOnly Secure Cookie Attribute in Apache.
Tag: mod_headers.so
Stay tuned! :)
