We got a security report
piwik_lang Cookie has problem(s) piwik_lang = language%3Dczo1OiJ6aC10dyI7%3A_%xxxxx; Host = OURSITE; Path = / 1. Cookie does not have secure attribute.
-> Let's check and ensure that all our cookies have the Secure flag, when Matomo is used over HTTPS.
@mattab checked and the lang & (now unused) auth cookie are both secure if HTTPS is used. The tracker cookies aren't, but I think we want them to be applied regardless of protocol. Closing this.