Skip Navigation

IIST-SI-000202: Configure session state cookie settings

The IIS 10.0 website session state cookie settings must be configured to Use Cookies mode.
To check compliance with IIST-SI-000202, complete the following steps for each site hosted on the IIS 10.0 web server:
  1. Open the IIS 10.0 Manager.
  2. Click the site name.
  3. Under
    ASP.NET
    , click
    Session State
    .
  4. Under
    Cookie Settings
    , verify that the
    Use Cookies
    mode is selected from the
    Mode:
    drop-down list.
If the
Use Cookies
mode is selected, your application is not compliant.
If your application is not compliant, complete the following steps:
  1. Open the IIS 10.0 Manager.
  2. Click the site name.
  3. Under
    ASP.NET
    , select
    Session State
    .
  4. Under
    Cookie Settings
    , select
    Use Cookies
    from the
    Mode:
    drop-down list.
  5. In the
    Actions
    pane, click
    Apply
    .