Differences

This shows you the differences between two versions of the page.

documentation:latest:security [2019/04/13 15:13]
127.0.0.1 external edit
documentation:latest:security [2019/05/13 09:22] (current)
cmaudoux [Configure security settings]
Line 169: Line 169:
   * **Use global storage**: Local cache is used by default for one time tokens. To use global storage, set it to '​On'​   * **Use global storage**: Local cache is used by default for one time tokens. To use global storage, set it to '​On'​
  
-<​note ​warning>If URLs are protected with AuthBasic handler, you have to disable CSRF token by setting a special rule based on callers IP address like this :+<​note ​important>If URLs are protected with AuthBasic handler, you have to disable CSRF token by setting a special rule based on callers IP address like this :
  
 requireToken => $env->​{REMOTE_ADDR} !~ /​^127\.0\.[1-3]\.1$/​ requireToken => $env->​{REMOTE_ADDR} !~ /​^127\.0\.[1-3]\.1$/​
 </​note>​ </​note>​
 +<note warning>​Enable global storage for one time tokens will downgrade Portal performance!!!
 +
 +Must be use ONLY with outdated or low performance Load Balancer.</​note>​
 ===== Fail2ban ===== ===== Fail2ban =====
 To prevent brute force attack with fail2ban To prevent brute force attack with fail2ban
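Review bot: The added warning note ("Enable global storage for one time tokens will downgrade Portal performance!!!" / "Must be use ONLY with outdated or low performance Load Balancer.") is ungrammatical and does not say why a load balancer makes global storage necessary. Suggest something like "Enabling global storage for one-time tokens degrades Portal performance. Use it only behind an outdated or low-performance load balancer.", followed by a sentence giving the reason, so that readers can tell whether their deployment falls into that case. Separately, the first changed line relabels the AuthBasic note from warning to important even though it still instructs readers to switch off the CSRF token based on the caller's IP address. Since that note relaxes a protection, consider keeping it at warning level and stating that the requireToken rule should match only the addresses of the AuthBasic callers.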