There are a number of precautions that should be taken before running Exago in a production environment.
- Set an external temp path
- Disable direct access
- Set configuration and API credentials
- Remove the XML configuration file
- Remove the Admin Console
- Encrypt Scheduler Service working data
- Disable SOAP Web Service API
This article mentions several Admin Console settings. There are matching configuration file nodes and API properties that can be used for modifying these settings as well. For more information, review the Config File XML Reference and Config File and API Setting Reference articles.
This article references
<Sched>/as a placeholder for the Web Application, Web Service API and Scheduler Service's install location respectively. The default install location is
/opt/Exago/WebServiceApi/on Linux) or
/opt/Exago/Scheduler/on Linux); however, these directories can be changed during installation.
Set an External Temp Path
The Temp directory contains working data that may contain sensitive information. If the Temp Path configuration setting is left blank, Exago will default to a Temp folder at the root of the installation directory. This is not recommended because it could expose temporary data to web access.
The Temp Path should be set to a location outside of the Exago installation (and behind the server's firewall). Set the Temp Path in Admin Console > General > Main Settings > Temp Path.
Disable Direct Access
Access to Exago should be curated through the API so that user permissions can be set via Roles or the Storage Management identity system. Users should not be able to access the home page directly, which would bypass role restrictions. To disable direct access to Exago, set the Admin Console > General > Main Settings > Allow direct access to Exago (bypassing API) to False.
Set Configuration and API Credentials
A User ID, Password, and REST Key should be set in the configuration. This safeguards access to the Admin Console and REST API. See REST API for information on accessing a password-protected web service. To do so, set values for the following settings:
- Admin Console > General > Other Settings > User Id
- Admin Console > General > Other Settings > Password
- Admin Console > General > Other Settings > Confirm Password
- Admin Console > General > Other Settings > REST Key
Remove the XML Configuration File
The Admin Console generates two copies of the configuration: a plain-text XML file, typically
WebReports.xml and an encrypted version
WebReports.xml.enc. Plain-text config files may contain sensitive information, such as database connection strings, schemas, usernames, and passwords.
When your config settings have been finalized, the plain-text config file should be removed from the Config folder and saved in a secure location.
Remove the Admin Console
The Admin Console should not be accessible in a production environment. To permanently remove the Admin Console, in each installation:
Admin.aspxcan be deleted as well, or edit it to show a static error message.
Encrypt Scheduler Service Working Data
This section applies only in environments where at least one Scheduler Service is in use.
Each Scheduler Service stores working data in a local temporary folder. For security, this data should be encrypted. In each Scheduler Service's configuration file:
- Set the
<encrypt_schedule_files>setting to True. For example:
- Restart the Scheduler Service
Disable SOAP Web Service API
This section applies only in environments where the REST Web Service API is in use. If the .NET API is being used instead, the REST Web Service may not be installed. It may be uninstalled if it will not be used.
If you are using the REST Web Service API, disable the SOAP API to prevent any unauthorized requests. To do so, in each instance of the Web Service API:
Api.aspxcan be deleted as well, or edit it to show a static error message.