Frameworks
Integrations
Mendix
SharePoint
Default UI
Modular UI
AnnotationManager
Annotation Types
Customize
Version 11
Version 10
v10.12
v10.11
v10.10
v10.9
v10.8
v10.7
v10.6
v10.5
v10.4
v10.3
v10.2
v10.1
v10.0
Version 8
v8.12
v8.11
v8.10
v8.9
v8.8
v8.7
v8.6
v8.5
v8.4
v8.3
v8.2
v8.1
v8.0
Version 7
Version 6
v6.3
v6.2
v6.1
v6.0
Version 5
Version 4
Version 3
Version 2
WebViewer Server
WebViewer BIM
This guide details how you can improve the overall security of WebViewer Server in your environemt.
In order to secure your container in your environment, we suggest you do the following.
For more in depth and general purpose solutions to improving container security, please refer to this guide.
In addition to the to the innate security advantages of containerization, we have taken additional measures for this specific container:
WebViewer Server is designed to request files from a server. This means that between all clients and the file server, WebViewer Server can expose access to all files on the file server. The common way of dealing with this is to add security to your server. This can be done by:
If you are concerned with clients still having access to files which they have lost access to we recommend enabling the TRN_FORCE_URL_RECHECK. This will force the file links to be rechecked for validity every time they are requested.
We recommend reviewing our security configuration options to improve web security. We recommend the following options be set within your system.
Set this to false to prevent vulnerabilities arising from the demo code packaged with WebViewer Server
Set this to your Webviewer client domain to restrict requests to that domain.
Set this to the root of your file server, which will restrict file requests to any other domain.
If you have concerns with cached files being accessible if the link is given out, you can set the following options. Keep in mind these options will come with a loss in performance due to the loss of cache sharing.
Did you find this helpful?
Trial setup questions?
Ask experts on DiscordNeed other help?
Contact SupportPricing or product questions?
Contact Sales