Skip to main content

Security Improvements

The following essential security best practices are implemented by Dane.

Strong Default SSL Ciphers and SSL Protocol

SSL v3 protocol in SSL configuration is disabled
SHA-1 ciphers in SSL ciphers configuration are disabled
CBC padding in SSL ciphers configuration is disabled
AES128 SSL configuration is disabled.
Only TLS v1.2 protocol is enabled in SSL configuration
RC4 and DES ciphers in SSL ciphers configuration are disabled
Only strong (HIGH) ciphers allowed in SSL ciphers configuration

Improved Security on HTTP Responses

Resolved ETag Inode information leakage vulnerability
Added HTTP header X-Content-Type-Options: nosniff to all responses
Added HTTP header Strict-Transport-Security to all responses
Added HTTP header X-XSS-Protection "1; mode=block" to all responses
Added HTTP header X-Frame-Options SAMEORIGIN to all responses

Supported HTTP Methods

Supported HTTP methods are: GET, POST, PUT, PATCH and DELETE. For security reasons, the OPTION HTTP method is not supported.