Security hardening

You can secure your installation against specific vulnerability types. Follow the steps in the technotes to secure the installation.

  • To protect against Host header injection - technote.
  • To protect against Content spoofing - technote.
  • To protect against Information disclosure in X-Powered-By HTTP response headers - technote.
  • Configure appropriate TLS versions and cipher suites for the Microservices tier - technote.
  • Avoid insecure deserialization in IBM® InfoSphere® Information Server Java Remote Method Invocation services - technote.
  • The SameSite attribute can be configured as Strict for two WebSphere-related cookies:
    1. JSESSIONID cookie: The CookieSameSite property can be specified as Strict in the WebSphere Administration console at Servers > Server Types > WebSphere application servers > server1 > Session management > Custom properties > New. For more details, see PH22157.
    2. LtpaToken2 cookie: In the WebSphere Administration console, a new custom property, com.ibm.websphere.security.addSameSiteAttributeToCookie, can be specified as Strict at Security > Global security > Custom properties > New. For more details, see WebSphere documentation.
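
To confirm that the SameSite and X-Powered-By settings took effect, you can audit the response headers that the server returns. The following Python check is an added example, not IBM code; the function names and the sample headers are constructed for illustration.

```python
# Added example: audits response headers for the cookie and header settings
# described above. All header values below are constructed samples.

REQUIRED_STRICT = ("JSESSIONID", "LtpaToken2")

def parse_set_cookie(value):
    """Return (cookie name, {lowercased attribute: value}) for one Set-Cookie value."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs = {}
    for part in parts[1:]:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name, attrs

def audit_headers(headers):
    """headers: list of (name, value) pairs from one response. Returns findings."""
    findings, seen = [], {}
    for hname, hvalue in headers:
        lname = hname.lower()  # header names are case-insensitive
        if lname == "x-powered-by":
            findings.append("X-Powered-By header present: " + hvalue)
        elif lname == "set-cookie":
            cname, attrs = parse_set_cookie(hvalue)
            seen[cname] = attrs
    for cname in REQUIRED_STRICT:
        if cname not in seen:
            continue  # cookie not set on this response, nothing to judge
        samesite = seen[cname].get("samesite")
        if samesite is None:
            findings.append(cname + ": SameSite attribute missing")
        elif samesite.lower() != "strict":
            findings.append(cname + ": SameSite=" + samesite + ", expected Strict")
    return findings

# Constructed response before hardening.
BEFORE = [
    ("X-Powered-By", "Servlet/3.1"),
    ("Set-Cookie", "JSESSIONID=0000example:-1; Path=/; Secure; HttpOnly"),
    ("Set-Cookie", "LtpaToken2=exampleTokenValue==; Path=/; Secure; HttpOnly; SameSite=Lax"),
]
# Constructed response after applying the settings above.
AFTER = [
    ("Set-Cookie", "JSESSIONID=0000example:-1; Path=/; Secure; HttpOnly; SameSite=Strict"),
    ("Set-Cookie", "LtpaToken2=exampleTokenValue==; Path=/; Secure; HttpOnly; SameSite=Strict"),
]

if __name__ == "__main__":
    for label, hdrs in (("before", BEFORE), ("after", AFTER)):
        print(label, audit_headers(hdrs) or "no findings")
```

Feed it the header pairs from a login response in your own environment; an empty list means both cookies carry SameSite=Strict and no X-Powered-By header was returned.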