Document toolboxDocument toolbox

Security Settings

Owned by Tom Wyczółkowski
Last updated: Nov 14, 2023 by Agnieszka Siemiatycka
3 min read

Settings regarding security features.

General settings

User input sanitizing

This is a security feature that will prevent potentially harmful data input. When enabled, a so called whitelist user input check will be made.
When enabled, this option will only allow for text and some basic special characters like text formatting: bemistrongu.

All other HTML (tags and attributes, scripts etc) will be removed.

Should this mode be too restrictive, it can be disabled. A basic input sanitizing will still be made to prevent potential XSS or SQL Injection attacks.
When disabled, only input recognized as dangerous will be cleared (that includes scripts, SQL, image tags and more).

Using this feature is recommended.

User Fields Filtering

Those option allows to hide user's username and/or e-mail in all non admin "share with/assign user" dialogs.
For example when both options are checked, User Picker will be filtered out and will only provide user's Full Name data.

Log Retention Policy label

Since 4.2

Log retention policy allows system administrator to control how long the system logs are stored.

A separate policy can be set for the following log types:

  • Successful login reports

  • Failed logins attempts

  • Administrative Activity entries

Policy settings are located in System Settings\Security\General settings panel:

Each of report type have two retention parameters:

  • Minimum Retention (Days) 

    • sets the minimum number of days this type of log is retained ("protection period" for log)

    • can be set in range from 0-1000 days

    • setting value to 0 will disable this feature

  • Number of Entries Limit  (Thousands)

    • sets the maximum number of entries that will be stored

    • applies to entries that are outside of "protection period"

    • this limit does not apply if the log entry is within the protected period set in Minimum Retention time. 

    • can be set in range from 1-1000 thousands

Log entries which exceed number of Entries Limit are deleted if they are older than value set for Minimum Retention (unless it's set to 0 so all logs that exceed entry limit will be removed per scheduled run of cleaning task).


A system scheduled tasks (one for each log type) will be executed every night and clean up logs according to policy settings. 

Each of this cleaning task can also be run on demand using Run now button.

Example 1: If a log retention is set to 90 days, and entries limit is 1000, logs that have less than 90 days will be stored, logs that are older than 90 days and exceed count, will be removed. 

Example 2: If log retention is set to 90 days, and limit is set to 1000, but there are only 500 entries, no entries will be removed even if 90 days pass.  

Antivirus

Antivirus Settings

Settings for antivirus program that will monitor all uploaded files to HDC. 

For customers in HDC.cloud server and port should not be changed. If needed, AV scanning can be disabled but it's not recommended.

If malware is detected, a pop-up message will be shown:

Security Notifications

Security notifications of security events are sent to this email address.

 

For customers in HDC.cloud this email address should not be changed.