A+ security ranking for 4D web sites
After introducing Perfect Forward Secrecy, the security level of 4D Web server has been increased again with the support of HTTP Strict transport Security (HSTS). Henceforth, 4D Web server is compliant with the very latest security protocols. Simply upgrade to 4D v17 and enable HSTS to get the A+ ranking (the highest level) from SSL Labs for your web sites!
Backup and Security
There’s a saying about not sweating the small stuff, but when it comes to security, it’s often the little things that have the biggest impact.
On the “Backup” page of Database Settings, you’ll notice an option for an automatic restore of the last backup if your database is damaged. To provide you with the best level of protection for your data, this option is now checked by default for new databases, right out of the box.
Higher security ranking for 4D web sites
HTTPS is a well-known HTTP protocol, covered with a layer of SSL/TLS encryption goodness. This protocol is intended to provide confidentiality and integrity by encrypting communications between your server and your end users, rendering your data secure from prying eyes.
4D v16 R6 takes it a step further: 4D Web server now supports Perfect Forward Secrecy (PFS). This provides you with the highest security level for your communications – by default! Beyond the protection it provides, the support of PFS also increases the SSL audit test results of an out-of-the-box 4D server, which is great for our customers. Especially those working with sensitive information.
Check out our Security Guide!
Over the years, security has become a core topic for business applications. As a 4D developer, you are constantly facing customers who pay close attention to the level of security in the solutions they use for running their everyday businesses.
To help you answer your customers’ security-related questions, we are pleased to announce the release of the 4D Security Guide.
This reference document describes all the built-in tools and techniques involved in creating a secured environment for your business applications: from authentication and TLS encryption, to data access system and data protection. Now it’s time for you to check it out!
Generate digest now supports SHA-2
The digest functions are mathematical functions that compute a digest key for a document. Identical documents have the same digest key; if you change part of the document, the digest key is different. These functions are very useful for checking data integrity when you exchange or compare data. In 4D v16 R5, 4D has enhanced the Generate digest command to support SHA-2 algorithms following security recommendations.
Hash and verify passwords for web user login
Security is becoming an increasingly important topic as business applications become more frequently accessible through the web and are, as a result, more vulnerable to threats. As 4D is closely paying attention to security matters, in 4D v16 R5 we are providing you with a couple of security improvements, and one of them relates to the web users’ password protection through password hashing.
By the way, if you want to know more about how 4D is helping you to protect your data and with the security in general, I recommend you to take a look at this blog post.
More security for your 4D Server
Over the years, security has become a core topic for business applications. Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), both frequently referred to as “SSL”, are cryptographic protocols that provide communications security over a computer network. The TLS version that your application is using for web or client/server connections, for instance, contributes to its security level.
4D supports all TLS versions: 1.0, 1.1 and 1.2. The protocol version used is negotiated between the server and the client when establishing the connection. To increase the security level, beginning with 4D v16 R5, the default minimum supported version is TLS 1.2, older versions are rejected, as they could be unsecure.
Security and Data Protection
Security is an important and fundamental topic for a database or business solution system. This article proposes an overview of how 4D protects your data. In fact, security is about data protection. And data protection is a huge area. Data needs to be protected for unwanted access, but also for loss.
New rendering engine for Web Area
4D is updating its internal component for embedded Web Area objects for the most up-to-date and well-maintained existing rendering engine. As we want to durably support the state of the art in HTML and JavaScript technology, we are changing to Blink (also used in Google Chrome) for the Web Area for all 4D 64-bit versions.
Contact us
Got a question, suggestion or just want to get in touch with the 4D bloggers? Drop us a line!