Enable Phishing Protection

By default, when using all Exalead CloudView administration interfaces (Administration Console, API Console, Mashup Builder, Business Console), redirection URLs are not secured.

We cannot know how you access Exalead CloudView (for example, behind a proxy) and therefore, we cannot set a default host.

The following procedure explains how to make sure that redirection URLs match host/port from a list of trusted hosts.

See Also
Secure Custom Developments
Enable Cross-Site Request Forgery Protection (CSRF)
Enable Clickjacking Protection
Control IP Address Binding
  1. Open the API Console (<HOSTNAME>:<BASEPORT>+1/api-ui/).
  2. Click Manage.
  3. Select setProductSecurity .
  4. Edit the <trustedHost> node to declare all trusted hosts (replace HOST and PORT):
    <master:trustedHost>
      <bee:StringValue value="HOST1:PORT1"/>
      <bee:StringValue value="HOST2:PORT2"/>
      <...>
    </master:trustedHost>
  5. Click Apply.
  6. Restart Exalead CloudView.