After introducing Perfect Forward Secrecy, the security level of 4D Web server has been increased again with the support of HTTP Strict transport Security (HSTS). Henceforth, 4D Web server is compliant with the very latest security protocols. Simply upgrade to 4D v17 and enable HSTS to get the A+ ranking (the highest level) from SSL Labs for your web sites!
There’s a saying about not sweating the small stuff, but when it comes to security, it’s often the little things that have the biggest impact.
On the “Backup” page of Database Settings, you’ll notice an option for an automatic restore of the last backup if your database is damaged. To provide you with the best level of protection for your data, this option is now checked by default for new databases, right out of the box.
HTTPS is a well-known HTTP protocol, covered with a layer of SSL/TLS encryption goodness. This protocol is intended to provide confidentiality and integrity by encrypting communications between your server and your end users, rendering your data secure from prying eyes.
4D v16 R6 takes it a step further: 4D Web server now supports Perfect Forward Secrecy (PFS). This provides you with the highest security level for your communications – by default! Beyond the protection it provides, the support of PFS also increases the SSL audit test results of an out-of-the-box 4D server, which is great for our customers. Especially those working with sensitive information.
The digest functions are mathematical functions that compute a digest key for a document. Identical documents have the same digest key; if you change part of the document, the digest key is different. These functions are very useful for checking data integrity when you exchange or compare data. In 4D v16 R5, 4D has enhanced the Generate digest command to support SHA-2 algorithms following security recommendations.
Security is becoming an increasingly important topic as business applications become more frequently accessible through the web and are, as a result, more vulnerable to threats. As 4D is closely paying attention to security matters, in 4D v16 R5 we are providing you with a couple of security improvements, and one of them relates to the web users’ password protection through password hashing.
By the way, if you want to know more about how 4D is helping you to protect your data and with the security in general, I recommend you to take a look at this blog post.
Over the years, security has become a core topic for business applications. Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), both frequently referred to as “SSL”, are cryptographic protocols that provide communications security over a computer network. The TLS version that your application is using for web or client/server connections, for instance, contributes to its security level.
4D supports all TLS versions: 1.0, 1.1 and 1.2. The protocol version used is negotiated between the server and the client when establishing the connection. To increase the security level, beginning with 4D v16 R5, the default minimum supported version is TLS 1.2, older versions are rejected, as they could be unsecure.
Got a question, suggestion or just want to get in touch with the 4D bloggers? Drop us a line!
* Your privacy is very important to us. Please click here to view our Policy