This is an old revision of the document!

LiteSpeed Alternative to Apache Header Edit

LiteSpeed doesn't support Apache's header “edit” directive, and so the following Apache directive won't work on LiteSpeed: 

Header always edit Set-Cookie (.*) "$1;HTTPOnly;Secure"

This particular case, which involves patching Set-Cookie with a secure flag when served over HTTPS, is automatically handled by LiteSpeed Web Server as of v5.4.5, and so it is unnecessary to use a directive for that.

For other cookie settings, you should be able to use php.ini. For example: 

  session.cookie_httponly=On
  • Admin
  • Last modified: 2020/09/01 17:56
  • by Lisa Clarke