Secure OpenFire for Enterprise Usage: Basic Settings


Now, we need to get this server secured and audited for enterprise use!

I assume you can’t have other third-parties proxying conversations for you (it would be nice as it opens up performance enhancing features but… not going to get you through many external security audits…) so go to:
server –> server settings –> server to server –> service enabled –> tick DISABLED then save settings && allowed to connect –> tick White List then save settings.

Go to server –> server settings –> HTTP Binding –> at the top, tick “Disabled” — Save Settings

Go to server –> server settings –> Registration & Login –> Change Password –> tick disabled && Anonymous Login –> tick disabled –> Save Settings

Go to server –> server settings –> Private Data Storage –> tick Disable Private Data storage –> Save settings

Go to server –> server settings –> Security Settings –> Client Connection Security –> Tick “Custom” & then tick “Not Available” for the “Old SSL Method” and “Required” for the “TLS Method” && then Server Connection Settings –> Tick Required –> Save Settings

Go to server –> server settings –> File Transfer Settings –> Proxy Service –> Tick “Disabled” –> Save Settings

This post has no comments. Be the first to leave one!

Leave a Reply