Encrypt the contents of the header using encryption agreed upon between server administration and the clients. Or, more simply, you may encrypt server-browser exchanges with the SSL security switch in the cookie header. This feature, the SECURE attribute, allows you to limit the cookies' use to a secure channel (such as SSL). To enable this feature, set SECURE to TRUE. You can go a step further by installing an SSL certificate on your Apache server. Then your cookie exchanges will be SSL-encrypted.