See: https://asafaweb.com/Scan?Url=https%3A%2F%2Fwww.achel.org%2Flogin%2Findex.cfm
→ <customErrors mode=“RemoteOnly” defaultRedirect=“~/Error”
Excessive header warning:
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Secure cookie warning: Result
It looks like 2 cookies are being served over HTTPS without the “secure” flag being set (name : value):
CFID : 1056621
CFTOKEN : b8270e09cc770341-29437CDA-D50E-9717-C57199C0209BCD3A
Unless the cookie needs to be sent over an insecure connection, the “secure” flag should