doc @context;literal@

@doc.title@

This page gives a quick overview of important security and privacy relevant configuration information of the OpenACS installation. Some of these parameters are taken from the used configuration file @ns_info_config@, and some information is defined via OpenACS package parameters or the OpenACS permission system.

Please note that this page provides just a quick overview of the configuration of this site and cannot replace any detailed vulnerability check.

Server is running on a public IP address: @public_ip_addr_p_label@
Reverse proxy setup: @reverse_proxy_setup@
System locale: @system_locale@
Installed locales: @installed_locales@
Installed packages: @number_of_packages@
Does NaviServer version number appear on system pages: @version_numbers_on_result_pages@
Custom reply pages: @custom_server_reply_pages;noquote@
Custom error pages: @custom_error_pages@

Package Parameter Check

The following subset of security parameters are configured for this system. The full list of parameters are available from the Site-Wide Administration pages and from the site map of the defined subsites.

Parameter	Package	Value	Diagnosis
@parameter_check.parameter_name@	@parameter_check.package@	@parameter_check.value@	@parameter_check.diagnosis@

Permission and Accessibility Check of Mounted Packages

The following information is collected from requests to @current_location@/... from a not-logged-in user. The current location is taken from the request URL of this page. You might consider calling this page with a different domain name in the browser URL.

The following sections list common places which might or might not reveal information to third parties. The requirements for an internal development instance are typically different from a public community web site. The diagnosis is based on the assumption that there is no firewall protection of the site.

URLs revealing potentially @link_check.type@ information

URL Status Permission Info Diagnosis

@link_check.url@ @link_check.status@ @link_check.permission_info@ @link_check.diagnosis@

URLs revealing potentially @link_check.type@ information
URL	Status	Permission Info	Diagnosis
@link_check.url@	@link_check.status@	@link_check.permission_info@	@link_check.diagnosis@

In addition to these common places, please check the details via site nodes. This site has @numSiteNodesEntries@ site node entries. Extensive permission checks on site nodes are currently only permitted under PostgreSQL. @numPublicReadableSiteNodes@ packages are mounted with public readable access (details). The permission query might take some time since this number is higher than the threshold of @sitenodeBoundary@. Please check on the page installed packages for details. This page might take up to several minutes.

Machine Readable Infomation for External Parties

URL	Status	Diagnosis
@machine_readable.url@	@machine_readable.status@	@machine_readable.diagnosis@ (Details: @machine_readable.detailLabel@)

Response Header Check

The following subset of security-related response header fields will be returned when the home page of this server is requested:

Header Field	Value
@hdr_check.field@	@hdr_check.value@

You might consider testing the security of your HTTPs setup for @host_header@ via the SSL Labs service from Qualys.

External Library Check

The following summary is based on the recommended setup of external JavaScript libraries (providing a proc with "resource_info"). These libraries can be used via CDN or a local copy of the library. The CDN state can be altered via the site-wide admin pages, included in the links below.

Library Installed Locally Configured Version Vulnerability Check Available Version Diagnosis

@library_check.library@ @library_check.installed_locally@ @library_check.installed_locally@ @library_check.configured_version;literal@ @library_check.available@ @library_check.diagnosis@