Академический Документы
Профессиональный Документы
Культура Документы
Application Installation:
Team should ensure the installation directory should be as per the allocate directory not with default directory of app.
No Root Login :
Team will ensure that there should not be any login with root at user and application level as well.
UMASK setting
We recommend configuring the umask for the root account to 077 (only accessible for root) for the other accounts to at least 027 (only writable for the account itself.
Insecure Cookie
Management should consider enabling HTTP Only feature for session cookies, marking a cookie as HTTP Only would provide an additionally layer of protection against attacks making the cookies not readable by client-side scripts
Login Banner
Team should ensure if any user get login he should go with login policy and he should get the details of login banner once he login to server.
Firewall Policies
Team should ensure India CDN level based policies and Port level policies with inbound and outbound traffic.