High security plugin (instance security hardening)
When you activate the High Security plugin, it creates or updates hundreds of different configurations to control the level of security on your instance. These configurations mitigate many of the top OWASP attacks by enabling strict access control, input validation, and output encoding.
The configurations it creates or updates are of the following types:
- Access control
- Business rules
- System properties
- UI policy action
- Script actions
- Script includes
Example
Refer to the examples for the following properties:
| Property | Topic |
|---|---|
| glide.ui.escape_all_script | Escape Jelly |
| glide.security.strict.actions | Check UI action before execution |
| glide.security.csrf_previous.allow | Anti-CSRF token |
| glide.security.csrf.strict.validation.mode | CSRF strict validation |
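An added example, not ServiceNow's own code: a Python check that reads exported sys_properties rows and reports the state of the four properties listed above. The expected values and the constructed sample export are assumptions of this example; confirm each value against the property's own topic.

```python
import json

# Property names come from the table above. The expected values are this
# example's assumptions; confirm each one against its linked topic.
EXPECTED = {
    "glide.ui.escape_all_script": "true",
    "glide.security.strict.actions": "true",
    "glide.security.csrf_previous.allow": "false",
    "glide.security.csrf.strict.validation.mode": "true",
}

# Constructed sample: sys_properties rows in a {"result": [...]} JSON export.
SAMPLE_EXPORT = """
{"result": [
  {"name": "glide.ui.escape_all_script", "value": "true"},
  {"name": "glide.security.strict.actions", "value": " True "},
  {"name": "glide.security.csrf_previous.allow", "value": "true"},
  {"name": "glide.ui.escape_all_script", "value": "false"}
]}
"""

def audit_properties(export_json, expected=EXPECTED):
    """Return {property: (status, observed_values)}.

    status is one of: ok, mismatch, missing, duplicate.
    """
    observed = {}
    for row in json.loads(export_json).get("result", []):
        name = row.get("name")
        if name in expected:
            # Normalise case and whitespace so " True " compares equal to "true".
            value = str(row.get("value", "")).strip().lower()
            observed.setdefault(name, []).append(value)
    report = {}
    for name, want in expected.items():
        values = observed.get(name, [])
        if not values:
            status = "missing"    # no row exported for this property
        elif len(values) > 1:
            status = "duplicate"  # more than one row: effective value is ambiguous
        else:
            status = "ok" if values[0] == want else "mismatch"
        report[name] = (status, values)
    return report

if __name__ == "__main__":
    for name, (status, values) in audit_properties(SAMPLE_EXPORT).items():
        print(f"{status:9} {name} observed={values}")
```

Treat `missing` and `duplicate` as findings to investigate rather than as passes, since neither confirms the hardened value is in effect.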
More information
| Attribute | Description |
|---|---|
| Plugin Name | com.glide.high_security |
| Configuration type | System Definition > Plugins - Development |
| Purpose | It is mandatory to activate this plugin. It increases the security level of an instance and reduces the attack surface by mitigating OWASP Top 10 attacks, with coverage for CSRF, XSS, session cookie security, and file uploads. |
| Recommended value | Active |
| Functional Impact | This plugin enables several system security configurations, which may impact UI and functionality as well. |
| Security risk | (High) Many security configurations are unintentionally left open, which may open the door to critical vulnerabilities. |
| References | To learn more about activating a plugin, see Activate a plugin. |