Error handling security considerations for the DMZ Secure Proxy Server for IBM WebSphere Application Server

The overall security level of the DMZ Secure Proxy Server for IBM® WebSphere® Application Server is partially determined by the choices made regarding the handling of custom errors.

You can define a custom error page for each error code, or for a group of error codes, for errors generated by the proxy server or the application server. The HTTP status codes in responses are used to generate uniform, customized error pages for the application. For security reasons, you can ensure that the error pages are read from the local file system instead of being forwarded to a custom remote application. Choosing this option limits the code path and eliminates the need to run a potentially unauthorized application, because the error message is generated from a flat file. For more information about error handling for the secure proxy server, see Overview of the custom error page policy.

The following security level settings are used when evaluating a custom security level. Local error page handling is used for all of the predefined security levels.
Table 1. Error handling options. This table lists the security level settings that are used when evaluating a custom security level.

| Error page handling | Definition |
| --- | --- |
| Local error page handling | This is considered a high security level setting. |
| Remote error page handling | This is considered a medium and low security level setting. |
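
The following sketch is an added example, not IBM code and not the proxy's own configuration. It illustrates local error page handling: a status code or a group of codes is mapped to a flat file that is read from one fixed local directory, and nothing is forwarded to a remote application. The group notation `5XX`, the rule table, the function names and the file names are assumptions made for the illustration.

```python
import os
import tempfile

def match_rule(status, rules):
    """Return the file mapped to a status: exact code first, then a group such as '5XX'."""
    code = str(status)
    if code in rules:
        return rules[code]
    for pattern, name in rules.items():
        # 'X' in a pattern stands for any digit in that position (assumed notation).
        if len(pattern) == len(code) and all(p in ("X", c) for p, c in zip(pattern, code)):
            return name
    return None

def local_error_page(status, rules, error_dir):
    """Read the mapped flat file from error_dir; return None when there is no safe match."""
    name = match_rule(status, rules)
    if name is None:
        return None
    root = os.path.realpath(error_dir)
    path = os.path.realpath(os.path.join(root, name))
    # Refuse any mapping that resolves outside the error-page directory,
    # so a bad rule cannot turn the error path into an arbitrary file read.
    if os.path.commonpath([root, path]) != root or not os.path.isfile(path):
        return None
    with open(path, "rb") as f:
        return f.read()  # static bytes only: no code runs to build the page

def demo():
    """Build a constructed error-page directory and resolve a few status codes."""
    with tempfile.TemporaryDirectory() as d:
        pages = (("404.html", b"<h1>Not found</h1>"),
                 ("5xx.html", b"<h1>Service error</h1>"))
        for name, body in pages:
            with open(os.path.join(d, name), "wb") as f:
                f.write(body)
        # Constructed rule table; the 403 entry is deliberately misconfigured.
        rules = {"404": "404.html", "5XX": "5xx.html", "403": "../outside.html"}
        return {s: local_error_page(s, rules, d) for s in (404, 503, 403, 200)}

if __name__ == "__main__":
    for status, body in demo().items():
        print(status, body)
```

A status with no rule, or a rule that points outside the directory, yields no custom page, so the caller falls back to its default response.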




Last updated: July 9, 2016 6:06
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=csec_spxy_errorhandling
File name: csec_spxy_errorhandling.html