Received the following request:
We are informed by the security team regarding the following:
QID13162: Session Cookie Does Not Contain the Secure" Attribute"
It's for the PMM running on port 80.
We are running PMM 1.17.3 on a dedicated VM (RHEL7).
Any fix for this issue?
This seems to be inline to what has been reported in https://www.learningpenguin.net/2017/10/17/session-cookie-not-contain-secure-attribute/#:~:text=To%20prevent%20this%2C%20a%20%E2%80%9Csecure,connection%2C%20not%20over%20HTTP%20connection.
- We need to update https://www.percona.com/doc/percona-monitoring-and-management/security.html with information/steps how to enable secured cookies in grafana for https
- add a general recommendation for the most secured way - do not expose PMM to the internet if no need