Security hardening

You can secure your installation against specific vulnerability types. Follow the steps in tech notes to secure the installation.

  • To protect against Host header injection - technote.
  • To protect against Content spoofing - technote.
  • To protect against Information disclosure in X-Powered-By HTTP response headers - technote.
  • Configure appropriate TLS versions and cipher suites for the Microservices tier - technote.
  • Avoid insecure deserialization in IBM® InfoSphere® Information Server Java Remote Method Invocation services - technote
  • Samesite can be configured as strict for two WebSphere related cookies:
    1. JSESSIONID cookie: The CookieSameSite property can be specified as Strict in the WebSphere Administration console at Servers > Server Types > WebSphere application servers > server1 > Session management > Custom properties > New. For more details, see PH22157.
    2. LtpaToken2 cookie: In the WebSphere Administration console, a new custom property, can be specified as Strict at Security > Global security > Custom properties > New. For more details, see WebSphere documentation.