How to secure classic ASP ASPSESSIONID cookie?

Question

Is there a way to mark classic ASP ASPSESSIONID* cookies as secure? It appears that the ASP ISAPI handler adds that session id cookie after my page is done rendering so put

Answer 1

I run this command:

CSCRIPT C:\Inetpub\AdminScripts\adsutil.vbs set w3svc/1/AspKeepSessionIDSecure 1

More information here: http://blogs.msdn.com/b/rahulso/archive/2007/06/19/cookies-case-study-with-ssl-and-frames-classic-asp.aspx