diff --git a/ghost/core/core/frontend/apps/private-blogging/lib/middleware.js b/ghost/core/core/frontend/apps/private-blogging/lib/middleware.js
index b02efb0f875c..8912100f9786 100644
--- a/ghost/core/core/frontend/apps/private-blogging/lib/middleware.js
+++ b/ghost/core/core/frontend/apps/private-blogging/lib/middleware.js
@@ -55,7 +55,8 @@ const privateBlogging = {
             name: 'ghost-private',
             maxAge: constants.ONE_MONTH_MS,
             signed: false,
-            sameSite: 'none'
+            sameSite: urlUtils.isSSL(config.get('url')) ? 'none' : 'lax',
+            secure: urlUtils.isSSL(config.get('url'))
         })(req, res, next);
     },