User guide
Security Measures for Operation of the Web Server (InfoProvider Pro)
2-9
Security Measures for Operation of the Web Server
(InfoProvider Pro)
The InfoProvider Pro can be used on the Windows(R) system or Solaris OE system.
Notes on Permissions of Contents
To prevent alteration by end users, it is recommended to set the proper permissions on the top-level
directory to be made accessible and the directory that stores applications.
Notes on the Permissions of the Environment Definition File
To prevent alteration of resources and leakage of information by end users, it is recommended to set the
same permission as the sample environment definition to a newly created environment definition file.
Notes on User Authentication
The information of user IDs and passwords used for user authentication is transmitted without encoding.
To prevent interception of user IDs and passwords, SSL encryption is recommended.
In addition to this, it is recommended to set rules for setting passwords and to make sure users follow
this rule.
Example:
• Establish the password setting rule as follows, and set a password that the others cannot guess.
− Mix upper-case and lower-cases letters, special characters, and numerals.
− Do not use personal information (such as name, nickname, telephone number, birthday, etc).
− Use eight or more characters.
• Change your password periodically. For example, change your password four times a year (every
three months).