1.1 Security Recommendations for iFolder 3.7

The following table lists the iFolder server configuration settings that impact iFolder security.

Table 1-1 Security Recommendations

Parameter

Possible Values

Default Value

Recommended Value for Best Security

iFolder Admin user

User-specified

User-specified administrator user

Special iFolder Admin user identity for managing iFolder services

Equivalent iFolder Admin users

User-specified

None

Users with limited administrator rights, such as for a specific iFolder server

iFolder Proxy user password

User-specified

Auto generated during initial configuration of the iFolder server

User-specified, using strong password practices

Server to client communications

SimiasRequireSSL (Yes/No)

SimiasRequireSSL = Yes

SimiasRequireSSL = Yes

Server to Server Communication

Select Yes during setup to enable SSL, or select No to disable SSL

Yes, SSL enabled

SimiasUrl https

SimiasCert <RAW certificate>

Yes, SSL enabled

/usr/web/web.config file

SimiasUrl (https/http)

SimiasCert (RAW certificate/none)

SimiasRequireSSL https

SimiasCert <RAW certificate>

SimiasRequireSSL https

SimiasCert <RAW certificate>