QPR ProcessAnalyzer Security Hardening: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
The following list provides recommendations for improving the security (hardening) of QPR UI installation. | The following list provides recommendations for improving the security (hardening) of QPR UI installation. | ||
== IIS Response Headers: X-XSS-Protection and X-Frame-Options == | |||
# In '''Internet Information Services (IIS) Console''', click '''EnticeServices''' folder in the left side hierarchy, double-click '''URL Rewrite''', '''View Server Variables...''' variables, and add '''HTTP_X_ORIGINAL_ACCEPT_ENCODING''' and '''HTTP_ACCEPT_ENCODING''' using the '''Add''' button. Do the same for the '''ui''' folder. | |||
# In '''Internet Information Services (IIS) Console''', click '''ui''' folder in the left side hierarchy, double-click '''HTTP Response Headers''', click '''Add...''' on the right side pane, and define the following: (more information: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) | |||
#* Name: '''X-XSS-Protection''' | |||
#* Value: '''1; mode=block''' | |||
# Similarly, add the following HTTP Response Header: (more information: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) | |||
#* Name: '''X-Frame-Options''' | |||
#* Value: '''deny''' | |||
== Allow Incoming Requests only from Localhost == | |||
In GlassFish allow incoming requests only from localhost. | |||
== Change Glassfish Administrator Password== | == Change Glassfish Administrator Password== | ||
Revision as of 13:08, 28 October 2018
The following list provides recommendations for improving the security (hardening) of QPR UI installation.
IIS Response Headers: X-XSS-Protection and X-Frame-Options
- In Internet Information Services (IIS) Console, click EnticeServices folder in the left side hierarchy, double-click URL Rewrite, View Server Variables... variables, and add HTTP_X_ORIGINAL_ACCEPT_ENCODING and HTTP_ACCEPT_ENCODING using the Add button. Do the same for the ui folder.
- In Internet Information Services (IIS) Console, click ui folder in the left side hierarchy, double-click HTTP Response Headers, click Add... on the right side pane, and define the following: (more information: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection)
- Name: X-XSS-Protection
- Value: 1; mode=block
- Similarly, add the following HTTP Response Header: (more information: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options)
- Name: X-Frame-Options
- Value: deny
Allow Incoming Requests only from Localhost
In GlassFish allow incoming requests only from localhost.
Change Glassfish Administrator Password
Change GlassFish administrator password
Latest Java is Installed
Check that the latest version of Java 8 is installed.