[Suggested Solution] Failed to set session cookie. Maybe you are using HTTP instead of HTTPS

Ellery Leung
Jan 28 · 1 min read

TL;DR: look at your .htaccess file and see if there are any HTTPS related config enabled. If yes, disable it.

— —

First, please take a look at this issue (Open new window).

In my case, I have a production HTTPS site, while my local development site is just HTTP.

However, since you want your files between development and production are as synchronized as possible, you may not aware that your .htaccess file (assume using Apache), may be the problem.

In my .htaccess, I have these lines:

# https://geekflare.com/apache-web-server-hardening-security/#21-Remove-Server-Version-Banner<IfModule mod_headers.c>
# You can replace “PHP” with “-” to completely hide your PHP version
Header set X-Powered-By “PHP”
# If HTTPS
Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure
# If HTTP
# Header edit Set-Cookie ^(.*)$ $1;HttpOnly;
</IfModule>

Please note that the #If HTTPSis in effect now, but this may affect your server if you are in development/local server.

Just comment it out and use the next line, so it becomes:

# https://geekflare.com/apache-web-server-hardening-security/#21-Remove-Server-Version-Banner<IfModule mod_headers.c>
# You can replace “PHP” with “-” to completely hide your PHP version
Header set X-Powered-By “PHP”
# If HTTPS
#Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure
# If HTTP
Header edit Set-Cookie ^(.*)$ $1;HttpOnly;
</IfModule>

And it works.

Hope it helps someone.