Post-installation Tasks for a Secure Deployment

Before you deploy the WAR file, you can increase the security of your installation by disabling certain functionality.

  1. To disable all test pages in the final warfile build, follow these steps:

  2. To remove the Run MQL page for Collaboration and Approvals, follow these steps:
    1. Open an MQL session.
    2. Run this command:

      mod menu AdminTools remove command AEFMQL;

      The AEFMQL command calls emxRunMQL.jsp.

  3. Disable unused servlets.
  4. Disable Web Services administration.
  5. Change all temp directories to set the GID (group ID) for all created files and subdirectories.
  6. Configure the server to block the print program and program.getcode commands for hidden programs. This prevents a malicious user from pushing user agent context and viewing passwords for an XML ADK context. To do so, follow these steps:
    1. Open the initialization file for editing:

      Windows
      Open the enovia.ini file.
      Linux
      Open the mxEnv.sh file.

    2. Add this environment variable:

      MX_ENFORCE_XML_ADK_SECURITY=TRUE

    3. Save the enovia.ini or mxEnv.sh file.
  7. Check and adapt the internal sender email address:
    1. To check the email address of the "User Agent" through MQL: print person "User Agent";
    1. To set a valid email address in order to comply with the SMTP Server: modify person "User Agent" email...;