From bdd13bdf0526aa9a934059721c93127755fb93bb Mon Sep 17 00:00:00 2001
From: gergo <gergely@lonyai.com>
Date: Tue, 27 Nov 2018 15:32:57 +0100
Subject: [PATCH] Add session.cookie_httponly & session.cookie_secure to
 php-fpm config This make more secure the VestaCP

---
 src/rpm/conf/php-fpm.conf | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/rpm/conf/php-fpm.conf b/src/rpm/conf/php-fpm.conf
index d9a047959..cd0005f82 100755
--- a/src/rpm/conf/php-fpm.conf
+++ b/src/rpm/conf/php-fpm.conf
@@ -32,3 +32,5 @@ php_admin_value[upload_max_filesize] = 512M
 php_admin_value[max_execution_time] = 600
 php_admin_value[max_input_time] = 600
 php_admin_value[session.save_path] = /usr/local/vesta/data/sessions
+php_admin_flag[session.cookie_httponly] = on
+php_admin_flag[session.cookie_secure] = on