Security policies and filters

You can configure a number of policies and filters in Alfresco Share to mitigate security attacks.
Important: Cross-Site Request Forgery (CSRF) and Alfresco

The Open Web Application Security Project (OWASP) describes Cross-Site Request Forgery (CSRF) as a type of attack that occurs when a malicious web site, email, blog, instant message, or program causes a user's web browser to perform an unwanted action on a trusted site for which the user is currently authenticated (see the Cross-Site Request Forgery Prevention Cheat Sheet).

The Share application must be accessible on the network to be available to users, and so it is protected with a CSRF filter.

If you want to protect those areas against CSRF attacks, you need to implement a solution similar to one of those listed on the CSRF prevention cheat sheet. Of particular interest is a solution based on Apache with mod_csrf, because of its efficiency and its loose coupling with the applications it protects.

When setting up a production Alfresco instance, you should ensure that /alfresco is protected behind a firewall.
