Especially for web services, it would be great if there were a mode that works as securely as sensible by default, and can be easily enabled, for example via an option such as --hardened in the HTTP Unix daemon. At the cost of making development somewhat harder (if enabled), such a mode would reveal less information to attackers.
Configuration options that could be affected by such a mode come to mind immediately, especially after the discussion in SWI-Prolog/plweb#23:
- obsolete protocols should be reliably disabled in this mode, without weakening security if users themselves have already chosen more secure settings.
- backtraces that may expose sensitive data (such as login names, paths etc.) must be disabled.
- anything else?