Once HTTPS is enabled in production, a few minor changes can be made to improve security: - [ ] Make cookies HTTPS only by setting the `secure` attribute. - [ ] Set the `force_ssh` attribute in production configuration.
Once HTTPS is enabled in production, a few minor changes can be made to improve security:
secureattribute.force_sshattribute in production configuration.