...
...
...
...
| Section | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
...
- Configure Tomcat to accept only SSL connections to the frevvo Database Connector. This encrypts data sent between the hosted frevvo Server and the Database frevvo Database Connector installed in your local machine, thus protecting the queryKey.
- Create a SSL self-signed certificate and install in Tomcat’s keystore. The self-signed certificate will ensure that the data being transmitted and received by the frevvo Database Connector is private and cannot be snooped by anyone who may be eavesdropping on the connection.
- You can find more details here about running the Database the frevvo Database Connector under Tomcat.
Configure SSL for Standalone Database Connector
...
SQL Injection Protection
The frevvo Database Connector automatically protects your data from Injection Attacks. No configuration is required for this security measure.
...
While you cannot encrypt the database password in the <frevvo-home>\tomcat\conf\dbconnector.properties file, you can provide added security using one of the following methods:
- Define the data source at the container (tomcat) level for some added security. Please see this documentation which explains how.
- Store password as an OS Environment Variable and reference that variable in the dbconnector.properties file. See Secure Passwords in Tomcat for details.
...
There is nothing built in the frevvo Database Connector to block public access or enforce authentication to the database connector status page or other database connector URLs.
If you are using frevvo On Premise and the Database Connector is installed in the same tomcat as frevvo, you can restrict access to all database connector URLs from outside, allowing connections only from localhost (i.e. frevvo) by creating an individual context.xml for your app.
...