3 results found
-
Use more secure ciphers by default
When performing a security check for a DXP site on internet.nl the result is that "Your web server does not prefer 'Good' over 'Sufficient' over 'Phase out' ciphers" and "Your web server supports one or more ciphers that have a phase out status, because they are known to be fragile and are at risk of becoming insufficiently secure.".
I suggest that more secure ciphers should be used on all DXP sites by default. The more secure ciphers are referred to as "Modern", "Compatible", and "Legacy" in the cloudflare documentation. https://developers.cloudflare.com/ssl/edge-certificates/additional-options/cipher-suites/recommendations/
6 votes -
Security
We are currently using Anglian water Optimizely CMS 11 and to strengthen our bot mitigation capabilities, we would like to implement Cloudflare Bot Management, including fingerprinting mechanisms for advanced bot detection.
We understand that fingerprinting is a separate product offered by Cloudflare and is not currently included in the Optimizely DXP offering.We are requesting your Implement to:
- Implement Cloudflare Bot Management within our existing Optimizely CMS 11 setup.
- Integrate fingerprinting mechanisms to enhance bot detection and protection. 3.Configure real-time anomaly detection to throttle traffic from suspicious ASNs or geolocations.
1 vote -
Web page listing security bulletins for Optimizely products
We would like a single point of truth for identified security issues so that we can support our clients.
Ideally this would include affected products/versions as well as suggested patches or remedies.
Ideally this would include all Optimizely products, not just CMS or Commerce.16 votes
- Don't see your idea?