QPR ProcessAnalyzer Security Hardening

From QPR ProcessAnalyzer Wiki
Revision as of 13:08, 28 October 2018 by Ollvihe (talk | contribs)
Jump to navigation Jump to search

The following list provides recommendations for improving the security (hardening) of QPR UI installation.

IIS Response Headers: X-XSS-Protection and X-Frame-Options

  1. In Internet Information Services (IIS) Console, click EnticeServices folder in the left side hierarchy, double-click URL Rewrite, View Server Variables... variables, and add HTTP_X_ORIGINAL_ACCEPT_ENCODING and HTTP_ACCEPT_ENCODING using the Add button. Do the same for the ui folder.
  2. In Internet Information Services (IIS) Console, click ui folder in the left side hierarchy, double-click HTTP Response Headers, click Add... on the right side pane, and define the following: (more information: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection)
    • Name: X-XSS-Protection
    • Value: 1; mode=block
  3. Similarly, add the following HTTP Response Header: (more information: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options)
    • Name: X-Frame-Options
    • Value: deny

Allow Incoming Requests only from Localhost

In GlassFish allow incoming requests only from localhost.

Change Glassfish Administrator Password

Change GlassFish administrator password

Latest Java is Installed

Check that the latest version of Java 8 is installed.

Retrieved from "https://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_Security_Hardening&oldid=11272"