7.2 Additional Recommendations

To enable transport-level security by using SSL:
  1. On AdminServer, click Managed Servers. Under Managed Servers, click WebLogic Server.
  2. Under WebLogic Server, click Administration. Under Administration, click General Settings.
    The General Settings screen displays.
  3. Select the SSL Listen Port Enabled check box and enter the port number in SSL Listen Port.
  4. Authentication/Authorization: As mentioned in the application installation document.
  5. Set up an HTTP server in front of WebLogic: https://docs.oracle.com/en/middleware/fusion-middleware/weblogic-server/14.1.2/cnfgd/web_server.html
  6. Addition of WS policies: As mentioned in the Webservices installation document.
  7. Restricted access to log files: This can be achieved by granting the appropriate permissions to files and folders.
  8. Hashing of authentication passwords: Passwords stored in WebLogic are hashed by WebLogic. Developers do not have control over this.
  9. Storage of authentication certificates in a password-protected keystore: http://docs.oracle.com/javase/7/docs/technotes/tools/windows/keytool.html
  10. Database Auditing: https://docs.oracle.com/en/database/oracle/oracle-database/19/dbseg/introduction-to-auditing.html
  11. Secure Database back-up: https://docs.oracle.com/en/database/oracle/oracle-database/19/bradv/index.html
  12. Database Access Control List: https://docs.oracle.com/en/database/oracle/oracle-database/19/adxdb/index.html
  13. File/Socket IO runtime Permissions: https://docs.oracle.com/en/database/oracle/oracle-database/19/jjdev/index.html
  14. Oracle Wallet: https://docs.oracle.com/en/database/oracle/oracle-database/19/ntqrf/storing-oracle-wallets-in-windows-registry.html
  15. File system access to appropriate user: This can be achieved by granting the appropriate permissions to files and folders.
  16. Access of protected ports: https://docs.oracle.com/cd/cloud-control-13.3/EMADV/toc.htm
  17. IP Filtering: http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html
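
The file permission recommendations in items 7 and 15 above can be checked and applied with a short script. This is an added example, not taken from the product documentation; the function names are hypothetical, and the log directory and owning account are assumptions supplied by the caller.

```shell
#!/bin/sh
# Added example (not from the product documentation): audit and tighten
# permissions on a log directory. Function names are hypothetical; the
# directory and owning account are supplied by the caller.

# List entries under $1 that grant any access to "other" or write access
# to "group". Prints nothing when the tree is clean.
find_loose_log_perms() {
    find "$1" \( -perm -004 -o -perm -002 -o -perm -001 -o -perm -020 \) -print
}

# List entries under $1 that are not owned by account $2 (name or numeric UID).
find_foreign_owner() {
    find "$1" ! -user "$2" -print
}

# Remove group write and all "other" access, recursively. Owner bits and
# group read/traverse are left unchanged.
tighten_log_perms() {
    chmod -R g-w,o-rwx "$1"
}

# Usage: sh audit_logs.sh <log-directory> <owning-account>
if [ -d "${1:-}" ] && [ -n "${2:-}" ]; then
    echo "Entries with loose permissions:"
    find_loose_log_perms "$1"
    echo "Entries not owned by $2:"
    find_foreign_owner "$1" "$2"
fi
```

Review the audit output before calling `tighten_log_perms`, and confirm that any account that must read the logs is in the owning group.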