Community Tip - Visit the PTCooler (the community lounge) to get to know your fellow community members and check out some of Dale's Friday Humor posts! X
I am using Windchill PDMLink Release N/A and Datecode with CPS N/A Security related question 1 1) Whether to delete the HTTP Server directory - Can I delete it? 2) Is it okay to set Database Profile? (PASSWORD_VERIFY_FUNCTION, FAILED_LOGIN_ATTEMPTS, PASSWORD_LIFE_TIME)
--------------------------------------------------------
Translated content from Korean to English using google translate. By Community moderation team.
I am using Windchill PDMLink Release N/A and Datecode with CPS N/A
보안 관련 문의사항 1
1) HTTP Server 디렉토리 삭제 여부
- 삭제 해도 되는 지?
2) Database Profile 설정 해도 되는 지?(PASSWORD_VERIFY_FUNCTION, FAILED_LOGIN_ATTEMPTS,PASSWORD_LIFE_TIME)
---------------------------------------
That's a mixed bag of questions. Perhaps explaining why you would do such a thing.
1) Your Windchill application needs a web server for you to communicate with. Deleting the HTTPServer folder will remove the OOTB installed Apache web server. It makes your Windchill super secure since noone (not even your own users) can access it. Do you have some other web server set up to replace Apache perhaps? If you want to secure your web server further you could look into a reverse proxy like for instance NGINX, configured on a Linux based server coupled with fail2ban or something similar. Set it all up with certificates for secure connection.
2) Altering the database profiles you mention may cause Windchill not to be able to connect to the DB unless you have a schedule to change your DB password and the update it accordingly before the password expires (if for instance you set the Password Life Time to some value). The Password Verify Function looks to define which password complexity rules your Oracle installation shall enforce. I have not changed this myself before, but with sufficient research I think you should be ok. Make sure you map out what to do and how to go about resolving issues if you end up with a locked system.
Remember to set strong System password, and make sure that you change the SYS password if you manage the Oracle installation yourself. If you have a decent DBA at hand they should be able to advise you on how to configure your DB.