Some test text!
This guide will detail how you can improve the overall security of WebViewer Server.
The WebViewer Server container is designed to be as secure as possible. Default security measures built into this container include:
In order to further secure the container from your side, we suggest the following:
For more in depth and general purpose solutions to improving container security, please refer to this guide.
WebViewer Server is designed to request files from a server. This means that between all clients and the file server, WebViewer Server can expose access to all files on the file server. The common way of dealing with this is to add security to your server. This can be done by:
If you are concerned with clients still having access to files which they have lost access to we recommend enabling the TRN_ENABLE_PER_SESSION_CACHING . This will force the file links to be rechecked for validity every time they are requested.
There are groups of options which can more tightly restrict security for client coming in from the web. We recommend setting the following options:
Set this to false to prevent vulnerabilities arising from the demo code packaged with WebViewer Server
Set this to restrict requests to your WebViewer domain.
Set this to the root of your file server, which will restrict file requests to any other domain.
If you have concerns with cached files being accessible if the link is given out, you can set the following options. Keep in mind these options will come with a loss in performance due to the loss of cache sharing.
Get the answers you need: Support