Docs security secure session cookie (#15328)

* Fix unescaped output in ipv6 search page

* Add SESSION_SECURE_COOKIE to the security recommendations page
This commit is contained in:
Tony Murray
2023-09-18 11:11:44 -05:00
committed by GitHub
parent 274a89bcb4
commit 1bf68f73c4

@@ -10,10 +10,18 @@ should show that we take things seriously.
As with any system of this nature, we highly recommend that you
restrict access to the install via a firewall or VPN.
Please ensure you keep your install [up to date](Updating.md).
### Enable HTTPS
It is also highly recommended that the Web interface is protected with
an SSL certificate such as ones provided by [LetsEncrypt](http://www.letsencrypt.org).
Please ensure you keep your install [up to date](Updating.md).
### Secure Session Cookies
Once you have enabled HTTPS for your install, you should set `SESSION_SECURE_COOKIE=true`
in your .env file. This will require cookies to be transferred by secure protocol and
prevent any MiM attacks against it.
### Trusted Proxies
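Review bot: The last sentence of the new "Secure Session Cookies" section overstates what the setting does: "prevent any MiM attacks against it" should instead say that the browser will only send the session cookie over HTTPS, so it cannot be captured from an unencrypted request. The flag does not cover every man-in-the-middle scenario, and the usual abbreviation is MitM. Suggested wording: "This makes browsers send the session cookie only over HTTPS, so it cannot be read from a plain HTTP request." It would also help to say why the "Once you have enabled HTTPS" ordering matters: if `SESSION_SECURE_COOKIE=true` is set while the install is still served over plain HTTP, the browser will not return the cookie and logins will not persist. Minor points: `.env` could be in backticks like the setting name, and the LetsEncrypt link in the "Enable HTTPS" section uses an http:// URL, which reads oddly in a section recommending HTTPS.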