Security practices - IPv6 / DNSSEC / HTTPS / HSTS


We've done a project for a Dutch governmental organisation on another platform recently. A lot of effort went into getting the security rating of the platform sufficiently high to pass their IT requirement.

Because of this we also started looking at how Xano scores on their metrics. Xano in a default configuration starts at 49 out of 100. Absolutely not the worst score out there, because some of their tests should not be applied to a solo backend.

A few things from the test that we would really like to resolve if possible:

  • Webserver not reachable by IPv6
    • We'll be running Xano on a custom domain so this will partially be our doing.
    • On a CNAME redirect they also check DNSSEC for the CNAME domain.

Some further comments

  • HTTPS redirect
    • This insufficient test result seems invalid since you redirect using the 307 HTTP code.
    • We'll contact the test creator about this.
  • Security options
    • These mainly have to do with front-end applications so not having these available shouldn't be an issue.
    • A security.txt option would be a nice nerdy addition. ;)

Direct access to the test results with additional information:

Love to hear your thoughts on this,

Bas van Ginkel

