Best option: use a reverse proxy like haproxy or nginx to inject these.
You can also terminate SSL at this layer for better SSL support and
performance.
-Joan
On 02/07/2020 05:01, Mody, Darshan Arvindkumar (Darshan) wrote:
Hi
In our project we would like to set the header
Hi
In our project we would like to set the header X-Content-Type-Options and
strict-transport-security whenever CouchDB responds to an request
How can we set the headers?
Thanks in advance
Regards
Darshan
Hi Darshan,
Fauxton, the management GUI is just a web app that uses the CouchDB API that
your application uses as well.
The way to secure CouchDB is to secure who has access to the API. Whether or
not the management GUI is present makes no difference.
For example, if you have an CouchDB API
Hi
We are using CouchDB as the database in our project. One of the concerns from
the Security team is the management GUI which can lead to vulnerabilities
.
Is there a way to disable the management GUI
Thanks
Darshan