Table of Contents
- Title and Copyright Information
- Preface
- 1 General Security Principles
- 2 Secure Installation and Configuration
- 2.1 Architecture Diagram
- 2.2 Installing WebLogic
- 2.3 Configuring SSL
- 2.4 Disable SSLv3
- 2.5 HTTP Response Header Configurations
- 2.6 Cookie Attributes
- 2.7 Password Policy Guidelines
- 2.8 Configuring 2FA for login
- 2.9 Configuring 2FA Attributes
- 2.10 Choosing a non blocking PRNG
- 2.11 Mobile App SSL Pinning Configuration
- 2.12 Generating Security Keys
- 2.13 API Rate Limiting Recommendations
- 2.14 Host Header Injection Attack Recommendations
- 3 Guidance for Implementation Teams
- 4 List of Topics
- Index