You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

Strengthen_security.json 4.3KB

1 개월 전
1 개월 전
1 개월 전
1 개월 전
1 개월 전
1 개월 전
1 개월 전
1 개월 전
1 개월 전
1 개월 전
1 개월 전
1 개월 전
1 개월 전
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162
  1. {
  2. "children": [
  3. {
  4. "behaviors": [
  5. {
  6. "name": "allHttpInCacheHierarchy",
  7. "options": {
  8. "enabled": true
  9. }
  10. }
  11. ],
  12. "children": [
  13. {
  14. "behaviors": [
  15. {
  16. "name": "allowPost",
  17. "options": {
  18. "allowWithoutContentLength": false,
  19. "enabled": true
  20. }
  21. }
  22. ],
  23. "comments": "Allow use of the POST HTTP request method.",
  24. "name": "POST",
  25. "options": {},
  26. "criteriaMustSatisfy": "all"
  27. },
  28. {
  29. "behaviors": [
  30. {
  31. "name": "allowOptions",
  32. "options": {
  33. "enabled": true
  34. }
  35. }
  36. ],
  37. "comments": "Allow use of the OPTIONS HTTP request method.",
  38. "name": "OPTIONS",
  39. "options": {},
  40. "criteriaMustSatisfy": "all"
  41. },
  42. {
  43. "behaviors": [
  44. {
  45. "name": "allowPut",
  46. "options": {
  47. "enabled": false
  48. }
  49. }
  50. ],
  51. "comments": "Allow use of the PUT HTTP request method.",
  52. "name": "PUT",
  53. "options": {},
  54. "criteriaMustSatisfy": "all"
  55. },
  56. {
  57. "behaviors": [
  58. {
  59. "name": "allowDelete",
  60. "options": {
  61. "enabled": false
  62. }
  63. }
  64. ],
  65. "comments": "Allow use of the DELETE HTTP request method.",
  66. "name": "DELETE",
  67. "options": {},
  68. "criteriaMustSatisfy": "all"
  69. },
  70. {
  71. "behaviors": [
  72. {
  73. "name": "allowPatch",
  74. "options": {
  75. "enabled": false
  76. }
  77. }
  78. ],
  79. "comments": "Allow use of the PATCH HTTP request method.",
  80. "name": "PATCH",
  81. "options": {},
  82. "criteriaMustSatisfy": "all"
  83. }
  84. ],
  85. "comments": "Allow the use of HTTP methods. Consider enabling additional methods under a path match for increased origin security.",
  86. "name": "Allowed methods",
  87. "options": {},
  88. "criteriaMustSatisfy": "all"
  89. },
  90. {
  91. "behaviors": [
  92. {
  93. "name": "cacheTagVisible",
  94. "options": {
  95. "behavior": "PRAGMA_HEADER"
  96. }
  97. }
  98. ],
  99. "comments": "Do not expose back-end information unless the request contains the Pragma debug header.",
  100. "name": "Obfuscate debug info",
  101. "options": {},
  102. "criteriaMustSatisfy": "all"
  103. },
  104. {
  105. "behaviors": [
  106. {
  107. "name": "modifyOutgoingResponseHeader",
  108. "options": {
  109. "action": "DELETE",
  110. "customHeaderName": "X-Powered-By",
  111. "standardDeleteHeaderName": "OTHER"
  112. }
  113. },
  114. {
  115. "name": "modifyOutgoingResponseHeader",
  116. "options": {
  117. "action": "DELETE",
  118. "customHeaderName": "Server",
  119. "standardDeleteHeaderName": "OTHER"
  120. }
  121. }
  122. ],
  123. "comments": "Do not expose back-end information unless the request contains an additional secret header. Regularly change the criteria to use a specific unique value for the secret header.",
  124. "criteria": [
  125. {
  126. "name": "requestHeader",
  127. "options": {
  128. "headerName": "X-Akamai-Debug",
  129. "matchCaseSensitiveValue": true,
  130. "matchOperator": "IS_NOT_ONE_OF",
  131. "matchWildcardName": false,
  132. "matchWildcardValue": false,
  133. "values": [
  134. "true"
  135. ]
  136. }
  137. }
  138. ],
  139. "name": "Obfuscate backend info",
  140. "options": {},
  141. "criteriaMustSatisfy": "all"
  142. },
  143. {
  144. "behaviors": [
  145. {
  146. "name": "httpStrictTransportSecurity",
  147. "options": {
  148. "enable": false
  149. }
  150. }
  151. ],
  152. "comments": "Require all browsers to connect to your site using HTTPS.",
  153. "name": "HSTS",
  154. "options": {},
  155. "criteriaMustSatisfy": "all"
  156. }
  157. ],
  158. "comments": "Control the settings that minimize the information your website shares with clients and malicious entities to reduce your exposure to threats.",
  159. "name": "Strengthen security",
  160. "options": {},
  161. "criteriaMustSatisfy": "all"
  162. }