Security concerns for MDriven Server
    m ((username removed) (log details removed))
    (Updated Edited template to July 12, 2025.)
     
    (5 intermediate revisions by 2 users not shown)
    Line 1: Line 1:
    When you install your MDriven Server, you access it by registering a new user. There are more things to consider, however.
    <message>Write the content here to display this box</message>
    When you install your MDriven Server, access it by registering a new user. There are more things to consider, however.


    To secure your model and data and system, you can:
    To secure your model and data and system, you can:
    Line 14: Line 15:
    Understand that no security limitations are enforced as long as you run your server in HTTP mode – because this would force us to send passwords over an open wire which is considered unsafe since it may implicate other services you have.
    Understand that no security limitations are enforced as long as you run your server in HTTP mode – because this would force us to send passwords over an open wire which is considered unsafe since it may implicate other services you have.


    The MDriven Book - See: [[MDrivenServer Summarized]]
    '''<span style="color: #1a50ad">The MDriven Book</span>''' - '''Next Chapter:''' [[Training:MDrivenServer Summarized|MDrivenServer Summarized]]
    [[Category:MDriven Server]]
    [[Category:MDriven Server]]
    {{Edited|July|12|2024}}
    {{Edited|July|12|2025}}

    Latest revision as of 06:20, 20 January 2025

    This page was created by Alexandra on 2017-10-04. Last edited by Edgar on 2025-01-20.

    When you install your MDriven Server, access it by registering a new user. There are more things to consider, however.

    To secure your model and data and system, you can:

    1. Make sure you communicate with MDriven Server over HTTPS so that no one sees your passwords and other data that will go over the wire.
    2. Limit what an unauthenticated user of MDriven Server can do.

    MDriven security 01.pngMDriven security 02.png

    MDriven security 03.pngMDriven security 04.png

    In the user admin dialog, state that the Admin UI requires identification. If you do this – and you should at some point – make sure you make yourself SuperAdmin so you do not lock yourself out.

    You can also state whether the services exposed by the MDriven Server via various web interfaces require authentication or not. You will likely begin with a relaxed attitude to security - this will put fewer requirements on the users you engage in prototyping etc.

    Understand that no security limitations are enforced as long as you run your server in HTTP mode – because this would force us to send passwords over an open wire which is considered unsafe since it may implicate other services you have.

    The MDriven Book - Next Chapter: MDrivenServer Summarized

    Retrieved from "https://wiki.mdriven.net/index.php?title=Training:Security_concerns_for_MDriven_Server&oldid=25554"

    © MDRIVEN . All Rights Reserved

    API Docs
    MDriven World | Portal | Blog | YouTube | StackOverflow | Facebook

    © MDRIVEN . All Rights Reserved