By default, Cerberus FTP Server's Web Services access is disabled, emphasizing the importance of understanding the security implications before enabling it. While users are responsible for their knowledge of Web Services and associated risks, here are crucial reminders:
Lock Down the Web Service Port:
- Ensure that the port used for Web Services is securely restricted. If the communication is solely between programs on the same machine, the Web Services port should not be externally accessible.
Manage Service Requests:
- Recognize that anyone with access to the Web Services port can send service requests to Cerberus FTP Server, posing a potential security risk. Establish a robust Remote access password to mitigate this threat.
Encryption for Enhanced Security:
- HTTP, the foundation of Cerberus FTP Server's Web Services, transmits information as unencrypted text. Be cautious, as data sent over HTTP is vulnerable to interception. To significantly enhance security, Cerberus provides the option to use SSL/TLS support for Web Services over HTTPS.
- Consider using HTTPS instead of HTTP to transmit data securely. HTTPS encrypts the data during transmission, reducing the risk of interception and unauthorized access.
gSOAP Toolkit Usage:
- Cerberus FTP Server employs the gSOAP toolkit for implementing Web Services. Further details about gSOAP can be found on the gSOAP home page.
Understanding and implementing these security considerations will contribute to a more secure and reliable deployment of Cerberus FTP Server's Web Services.