After introducing Perfect Forward Secrecy, the security level of 4D Web server has been increased again with the support of HTTP Strict transport Security (HSTS). Henceforth, 4D Web server is compliant with the very latest security protocols. Simply upgrade to 4D v17 and enable HSTS to get the A+ ranking (the highest level) from SSL Labs for your web sites!
There’s a saying about not sweating the small stuff, but when it comes to security, it’s often the little things that have the biggest impact.
On the “Backup” page of Database Settings, you’ll notice an option for an automatic restore of the last backup if your database is damaged. To provide you with the best level of protection for your data, this option is now checked by default for new databases, right out of the box.
HTTPS is a well-known HTTP protocol, covered with a layer of SSL/TLS encryption goodness. This protocol is intended to provide confidentiality and integrity by encrypting communications between your server and your end users, rendering your data secure from prying eyes.
4D v16 R6 takes it a step further: 4D Web server now supports Perfect Forward Secrecy (PFS). This provides you with the highest security level for your communications – by default! Beyond the protection it provides, the support of PFS also increases the SSL audit test results of an out-of-the-box 4D server, which is great for our customers. Especially those working with sensitive information.
Over the years, security has become a core topic for business applications. As a 4D developer, you are constantly facing customers who pay close attention to the level of security in the solutions they use for running their everyday businesses.
To help you answer your customers’ security-related questions, we are pleased to announce the release of the 4D Security Guide.
This reference document describes all the built-in tools and techniques involved in creating a secured environment for your business applications: from authentication and TLS encryption, to data access system and data protection. Now it’s time for you to check it out!
The digest functions are mathematical functions that compute a digest key for a document. Identical documents have the same digest key; if you change part of the document, the digest key is different. These functions are very useful for checking data integrity when you exchange or compare data. In 4D v16 R5, 4D has enhanced the Generate digest command to support SHA-2 algorithms following security recommendations.
Security is becoming an increasingly important topic as business applications become more frequently accessible through the web and are, as a result, more vulnerable to threats. As 4D is closely paying attention to security matters, in 4D v16 R5 we are providing you with a couple of security improvements, and one of them relates to the web users’ password protection through password hashing.
By the way, if you want to know more about how 4D is helping you to protect your data and with the security in general, I recommend you to take a look at this blog post.
Over the years, security has become a core topic for business applications. Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), both frequently referred to as “SSL”, are cryptographic protocols that provide communications security over a computer network. The TLS version that your application is using for web or client/server connections, for instance, contributes to its security level.
4D supports all TLS versions: 1.0, 1.1 and 1.2. The protocol version used is negotiated between the server and the client when establishing the connection. To increase the security level, beginning with 4D v16 R5, the default minimum supported version is TLS 1.2, older versions are rejected, as they could be unsecure.
Security is an important and fundamental topic for a database or business solution system. This article proposes an overview of how 4D protects your data. In fact, security is about data protection. And data protection is a huge area. Data needs to be protected for unwanted access, but also for loss.
Got a question, suggestion or just want to get in touch with the 4D bloggers? Drop us a line!