What are the best practices for securing a ROXY REST Extension that is on the public internet?
The REST API will use SSL encryption. Are there any rules of thumb to prevent Query, Schema, and JavaScript Injection attacks? Mike has this good post about using external variables. => http://blakeley.com/blogofile/2012/09/28/external-variables-(code-review,-pa rt-ii)/ Other NoSQL products, such as Redis, require the ports to be firewalled with a loopback interface to restrict external access. => http://redis.io/topics/security#network-security Is there any value to using the Redis firewall approach? Gary Russo Enterprise NoSQL Developer http://garyrusso.wordpress.com <http://garyrusso.wordpress.com/>
_______________________________________________ General mailing list [email protected] http://developer.marklogic.com/mailman/listinfo/general
