| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129 |
- {
- title: 'Security',
- crumbs: [
- { "User's Guide": '../users/' },
- ],
- }
- <h1>Security Considerations</h1>
- <p>Securing applications that are accessible to the Internet is not a trivial task. This page outlines some
- of the issues, and offers tips to help you secure your application using the Embedthis GoAhead
- product.</p><a id="updates"></a>
- <h2 >Updates</h2>
- <p>Even the best application or HTTP server can experience some security vulnerabilities that are
- discovered after being deployed in the field. It is highly recommended that you stay up to date with the
- latest version of GoAhead.</p>
- <p><a href="http://www.embedthis.com/">Embedthis</a> offers a Security Enhancement Service as part of an
- GoAhead commercial license that will proactively notify you of any security flaws and will expedite fixes or
- workarounds to minimize the vulnerability.</p>
-
- <a id="account"></a>
- <h2 >GoAhead User Account</h2>
- <p>It is important that you run GoAhead with the lowest system privilege that will get the job done. If any
- application is compromised, including GoAhead, then the system will be safest if the compromised application
- has as few privileges as possible.</p>
- <a id="directoryPermissions"></a>
- <h2 >Directory and File Permissions</h2>
- <p>This section explains the policy should you need to move or modify files and directories.</p>
- <p>To enhance security you need to consider the directory and file permissions for three classes of
- content:</p>
- <ul>
- <li>Pages served by the HTTP server</li>
- <li>Scripts run by the HTTP server</li>
- <li>Configuration and log files used by the HTTP server.</li>
- </ul>
- <p>Pages served by the GoAhead server should be owned by root or administrator and should only be readable
- by the GoAhead user account. Directories containing served pages should be readable and executable only.</p>
- <p>Scripts run by the GoAhead server should always be outside all directories containing served pages. After
- all, you don't want prying eyes viewing your scripts! Scripts should be owned by the <b>root</b> or
- <b>administrator</b> and should only be readable and executable by the GoAhead user account.</p>
- <p>Configuration and log files used by the GoAhead server should always be outside all directories
- containing served pages or scripts. The directory containing the log files must be writable by the GoAhead
- user account.</p>
- <h3>Home Permissions</h3>
- <p>The home directory in which GoAhead executes should be owned by <b>root</b> or administrator, and should be
- in the group <b>root</b> or administrators. They should only be writable by this specific user and group.</p>
-
- <a id="authentication"></a>
- <h2 >Authentication</h2>
- <p>It is highly recommended that you use Form-based <a href="authentication.html#formAuthentication">Form</a>
- authentication and not Basic authentication. As implemented in GoAhead, Form authentication over SSL
- provides many safeguards against known exploits including; man-in-the-middle attacks, client spoofing,
- and replay attacks.</p>
-
- <a id="sandBoxing"></a>
- <h2 >Sandboxing</h2>
- <p>Sandboxing is the term applied to running GoAhead in a confined environment. When embedding a HTTP server
- in an application, the profile of client access is often well known. This profile includes the rate of
- accesses, the length of URLs and the size of pages returned to the user.</p>
- <p>GoAhead has a set of build time configuration options that allow you to define a sandbox which specifies how
- GoAhead must be used for a request to be serviced. By using well defined sandbox directives, you can help
- ensure that your application will not be compromised by malicious requests.</p>
- <h3>Limit Directives</h3>
- <p>The limit directives are defined in main.me which is used by <i>MakeMe</i> when configuring GoAhead
- and generating the <i>bit.h</i> header that is included by GoAhead source code.</p>
- <table title="sandbox" class="ui table segment">
- <thead>
- <tr>
- <th>Directive</th><th>Purpose</th>
- </tr>
- </thead>
- <tbody>
- <tr>
- <td class="pivot">limitBuffer</td>
- <td>General I/O buffer size</td>
- </tr>
- <tr>
- <td class="pivot">limitFilename</td>
- <td>Maximum filename size</td>
- </tr>
- <tr>
- <td class="pivot">limitHeader</td>
- <td>Maximum size of the request header</td>
- </tr>
- <tr>
- <td class="pivot">limitNumHeaders</td>
- <td>Maximum number of header lines in the request</td>
- </tr>
- <tr>
- <td class="pivot">limitParseTimeout</td>
- <td>Maximum time to parse the request headers</td>
- </tr>
- <tr>
- <td class="pivot">limitPassword</td>
- <td>Maximum size of a password</td>
- </tr>
- <tr>
- <td class="pivot">limitPost</td>
- <td>Maximum size of the incoming POST request body</td>
- </tr>
- <tr>
- <td class="pivot">limitPut</td>
- <td>Maximum size of the incoming PUT request body</td>
- </tr>
- <tr>
- <td class="pivot">limitSessionLife</td>
- <td>Default session lifespan in seconds</td>
- </tr>
- <tr>
- <td class="pivot">limitSessionCount</td>
- <td>Maximum number of sessions</td>
- </tr>
- <tr>
- <td class="pivot">limitString</td>
- <td>Default string size</td>
- </tr>
- <tr>
- <td class="pivot">limitTimeout</td>
- <td>Request inactivity timeout in seconds</td>
- </tr>
- <tr>
- <td class="pivot">limitUri</td>
- <td>Maximum URI size</td>
- </tr>
- <tr>
- <td class="pivot">limitUpload</td>
- <td>Maximum size of a file upload request</td>
- </tr>
- </tbody>
- </table>
|
