HTTP-Access Limitation & Redirection
Administrators often do not like to mix Notes and browser access to one Domino server. Either they have not tested all Notes databases with browser access or they do not want the extra load on a server. Domino Servers are therefore often dedicated to either Notes or browser access. But especially in small locations, separating Notes from browser access mean higher costs: double hardware, software and maintenance is required.
Use Domino servers a better way: Notes- and browser-clients on one server. With SecureDomino, administrators can expose only specific databases or directories to http access. Administrators can therefore allow browser access only to specific applications and not to the mail files or only to the mail files and not to the applications.
Black and White Lists
HTTP-access to internet servers can be limited to the databases that make up the website (white list). HTTP-access to all other databases, like the Domino directory or the databases catalog can be prohibited (black list). That also may act as an additional protection in case of incorrect set up ACL.
Preventing smart force attacks
Domino based websites often offer more information than intended by the administrators. Inaccurate developed Domino-based applications may allow hackers to easily retrieve confidential information like personal data or database configuration settings. SecureDomino protects the entire server against spying out.
For example: The URL command $DefaultNav will open a database with a default navigator that displays all available views and folders. Even views designed for Notes administrators or for the content- or webmaster will be displayed, unless the Domino-designer explicitly hides all views from web browser. But who is perfect? Other critical URL commands include $DefaultView, $DefaultForm and ?ReadViewEntries. After the hacker has retrieved the names and addresses of the domino objects, he might even try to tamper the database with other URL commands like "?DeleteDocument" or "?SaveForm".
Use Domino servers a better way: Notes- and browser-clients on one server. With SecureDomino, administrators can expose only specific databases or directories to http access. Administrators can therefore allow browser access only to specific applications and not to the mail files or only to the mail files and not to the applications.
Black and White Lists
HTTP-access to internet servers can be limited to the databases that make up the website (white list). HTTP-access to all other databases, like the Domino directory or the databases catalog can be prohibited (black list). That also may act as an additional protection in case of incorrect set up ACL.
Screenshot: HTTP Access and Redirection Configuration
Preventing smart force attacks
Domino based websites often offer more information than intended by the administrators. Inaccurate developed Domino-based applications may allow hackers to easily retrieve confidential information like personal data or database configuration settings. SecureDomino protects the entire server against spying out.
For example: The URL command $DefaultNav will open a database with a default navigator that displays all available views and folders. Even views designed for Notes administrators or for the content- or webmaster will be displayed, unless the Domino-designer explicitly hides all views from web browser. But who is perfect? Other critical URL commands include $DefaultView, $DefaultForm and ?ReadViewEntries. After the hacker has retrieved the names and addresses of the domino objects, he might even try to tamper the database with other URL commands like "?DeleteDocument" or "?SaveForm".
URL-Filtering / Redirection
With SecureDomino you can block these specific commands. Hackers trying an illegal URL will be forwarded to a specific page or to any other URL. SecureDomino can not be cheated with coding the URL commands in unicode and is therefor much safer than entering a simple redirection mapping in the Domino directory. Prove it: /Names.nsf/$DefaultNav?open
SecureDomino additionally allows custom redirections. A feature, that can be very helpful in database-development or after a migration of a static website to a Domino-based one.
Screenshot: URL commands Redirection Configuration
Get in touch
