Security¶
This page shows the most basic actions required to make a 3forge environment more secure. If you are encountering specific security warnings, check here to see if you have encountered some common issues. Otherwise, please contact at us at support@3forge.com for additional help.
Login credentials¶
You can find the default credentials to log in to AMI in the amione/data/access.txt
file. Until other forms of authentication can be set up, we recommend changing to something more secure using the following format:
For production environments, please follow these instructions to encrypt your user login information, or use a different authentication system.
Set Up HTTPS connection¶
By default, the AMI frontend is accessible through a HTTP connection. This is insecure as it is not encrypted. The following steps will explain how to set up a secure HTTPS connection:
-
Ensure that your certificate truststore (for example
cacerts
) is up to date with the appropriate server certificates. See Oracle's guide on using keytool to generate certificates and adding them to your truststore. -
Generate SSL keys for 3forge using these instructions
-
Set the following properties:
Remove Shell, SSH, and SFTP adapters¶
The Shell, SSH, and SFTP adapters are powerful tools that give developers great flexibility; but in the wrong hands they can provide privileged access to the server hosting AMI. If these adapters are not being used, we recommend to remove them by setting the following property:
Note
The default list of available datasource plugins can be found in amione/config/default.properties