Inhaltsverzeichnis
2.4 Security
Security-related settings.
Detailed Errors
"Gateway": { "DetailedErrors": false // Production: false! }
With true, full stack traces are returned.
Ad-Hoc Queries
"Gateway": { "AllowAdHocQueries": false // Disable for more security }
Prevents direct SQL execution via /query.
Recommendations
- Use HTTPS in production
- Ad-hoc queries only when needed
- Disable DetailedErrors in production
- Database user with minimal privileges
- Firewall: Only open required ports
Network Security
- Reverse proxy (nginx, IIS ARR) recommended
- Configure rate limiting at proxy
- IP whitelisting if possible
Zuletzt geändert: on 2026/01/29 at 11:20 PM
