[ECODP-dev] URLS to be blocked by the cache

• Previous message: [ECODP-dev] URLS to be blocked by the cache
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Darwin,
Thanks. Communicated the proposed solution to PO.

Best,
Bastiaan

On Wed, Dec 19, 2012 at 4:55 PM, Darwin Peltan <darwin.peltan at okfn.org>wrote:

> As discussed in our session today please see below a link to a document
> with the URLS which the commission should be blocking at the cache level.
>
>
> https://docs.google.com/document/d/19ldeunN3UQG_UTK2F7zplWV6Rjdo1ZdGaLfk_KjQhOU/edit
>
>
> These URLS address
> * Access to the user functions of the API from outside the network
> * Restricting access to user list and user reset
>
> It is essential that these URLS are blocked externally now that NGINX has
> been removed.
>
> The EC also asked about limiting the number of Brute Force requests that
> people can make on the login form. As previously advised this would be best
> limited in the caching layer.
>
> Hopefully this resolves all the security issues raised by the commission.
>



-- 
Bastiaan Deblieck
Semantic Technology Business Unit Manager

http://www.tenforce.com/
T: +32 16 31 48 60
M:+32 475 95 49 32
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.okfn.org/mailman/private/ecodp-dev/attachments/20121220/1d5d0e5f/attachment.html>

• Previous message: [ECODP-dev] URLS to be blocked by the cache
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]