Merge pull request #7633 from OpenLiberty/7627-security-hardening-config-is-not-xml-formatted

7627-security hardening config is not xml formatted-1
ramkumar-k-9286 authored Oct 15, 2024
2 parents 5306bdd + cfd378c commit e570e26
Showing 1 changed file with 8 additions and 4 deletions.
12 changes: 8 additions & 4 deletions modules/ROOT/pages/server-configuration-hardening.adoc
Expand Up @@ -28,10 +28,14 @@ Set the `WLP_OUTPUT_DIR` environment variable to point to the server logs with t
* Ensure that any sensitive information in the `server.xml` file is AES-encrypted.
* Disable all non-TLS ports by setting ports to the value of `-1` in the `httpPort` argument of the `httpEndpoint` stanza.
* Use xref:reference:feature/transportSecurity-1.0.adoc[Transport Layer Security (TLS)] instead of SSL.
* Add the `webAppSecurity ssoRequiresSSL="true"` statement to the `server.xml` file.
* Add the `webAppSecurity httpOnlyCookies="true"` statement to the `server.xml` file.
* Add the `httpOptions removeServerHeader="true"` statement to the `server.xml` file.
* Add the `webContainer disableXPoweredBy="true"` statement to the `server.xml` file.
Add the following declarations to your `server.xml` file:
[source,xml]
----
<webAppSecurity ssoRequiresSSL="true" httpOnlyCookies="true" />
<httpOptions removeServerHeader="true" />
<webContainer disableXPoweredBy="true" />
----

[#ol-images]
== Open Liberty container images
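
Review bot: The new lead-in sentence "Add the following declarations to your `server.xml` file:" sits directly under the TLS bullet with no blank line and no `*` marker, so as shown here AsciiDoc will fold it into that bullet's text instead of rendering it as its own hardening item. Either make it a list item (`* Add the following declarations to your server.xml file:`) and attach the `[source,xml]` block with a `+` list-continuation line, or put a blank line between the list and the sentence. Since the four bullets that named each setting separately are removed, consider adding a short phrase per attribute (`ssoRequiresSSL`, `httpOnlyCookies`, `removeServerHeader`, `disableXPoweredBy`) so readers still see why each one is set.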