Pega Process Fabric Hub security dynamic system settings
The Pega Process Fabric Hub includes a set of dynamic system setting rules that increase the security of connections between your applications and the Pega Process Fabric Hub. As a result, you secure your application from any unauthorized or unauthenticated resources.
Dynamic system setting | Default value | Description | Category |
prconfig/HTTP/SetSecureCookie/default | true | Prevents the exposure of the session ID cookie and also prevents session hijacking as the browser sends cookies only across SSL protocols. | Security |
prconfig/initialization/DisableAutoComplete/default | true | Prevents client-side storage of user name and password combinations. Use this setting when you clear any existing stored sensitive information in the browser. | Browser data |
prconfig/initialization/PromoteEmbeddedPortals/default | true | Prevents additional invisible frames that can contain malicious code from embedding the Pega Platform HTML frame. | Browser data |
prconfig/security/showSQLInListPage/default | false | Suppresses the visibility of generated SQL on the clipboard page. | Security |
security/enableJavaInjectionMitigation | true | Enables Java mitigation detection for all ruleset versions. | Security |
- security/csrf/allowReferrersWithExactMatchOnly
- security/csrf/validreferers
- security/csrf/allowedStreams
- security/csrf/allowedActivities
- security/csrf/securedStreams
- security/csrf/securedActivities
- security/csrf/enableWhitelistReferrer
- security/csrf/secureall
- security/csrf/mitigation
Previous topic Updating the Pega Process Fabric Hub keystore Next topic Remote applications in the Pega Process Fabric Hub