Hi ressa, Note that this ensures that subdomain-created cookies with prefixes are either confined to the subdomain or ignored completely. The three primary reasons Google has pioneered the push toward HTTPS are encryption, data integrity and authentication. HTTPS is a protocol which encrypts HTTP requests and their responses. I have not worked on CentOS, but I would assume that Apache 2+ has a homogeneous file directory structure across all OS platforms. The HTTP does not contain any SSL certificates, so it does not decrypt the data, and the data is sent in the form of plain text. Mail us on [emailprotected], to get more information about given services. The browser will reject cookies with these prefixes that don't comply with their restrictions. Create the SSL Certs for mysite.org and make crt folder like so, /var/www/crt/mysite.org/server.crt and /var/www/crt/mysite.org/server.key. The SSL certificates can be available for both free and paid service. Its a great language for computers, but its not encrypted. Under the documentation issued by Tim Berners-Lee, he stated that "if the port number is not specified, then it will be considered as HTTP". If a site uses accounts, or publishes material that people might prefer to read in private, the site should be protected with HTTPS. Right below that, Under With Strict, the browser only sends the cookie with requests from the cookie's origin site. Insert this at the top of settings.php, right after