WebSpeed
Product Update Bulletin


Techniques To Minimize Unauthorized Access To WebSpeed Messengers

Consider replacing the default filenames and file extensions associated with key WebSpeed files with proprietary (that is, less easily recognizable) names and extensions that you define. This action limits unauthorized personnel’s ability to recognize these files when they display on the URL.

The following list identifies these key files and suggests some ways to shield the identify of each file:

Restrict Your File Upload Directory

Do not allow execute permissions on your file upload directory.

NOTE: As previously mentioned earlier in this section, do not include references to the file upload directory in your PROPATH.

WebSpeed Configuration Considerations

As a general guideline to restrict access to your WebSpeed configuration from attack, protect your WebSpeed Broker, Web server, and database components inside your firewall; your Web server and WebSpeed messenger must be on a machine outside this firewall.

NOTE: For a more information about security issues as they pertain to WebSpeed configurations and their integration with firewalls, see the section, "Maximizing WebSpeed Compatibility With Your Firewall" .


Copyright © 2004 Progress Software Corporation
www.progress.com
Voice: (781) 280-4000
Fax: (781) 280-4095