Translations:Manual:$wgCookieSecure/10/en

HTTPS-only sites should set this to $1, to avoid cookie theft.