Administration considerations

This article provides recommendations for securing the Internet server.

Following are some security considerations for administering your Internet server.

You perform setup and configuration functions by using a Web browser and the *ADMIN instance. For some functions, such as creating additional instances on the server, you must use the *ADMIN server.
The default URL for the administration home page (the home page for the *ADMIN server) is published in the documentation for products that provide browser administration functions. Therefore, the default URL will probably be known by hackers and published in hacker forums, just like the default passwords for IBM-supplied user profiles are known and published. You can protect yourself from this exposure in several ways:
- Only run the *ADMIN instance of the HTTP server when you need to perform administrative functions. Do not have the *ADMIN instance running all the time.
- Activate SSL support for the *ADMIN instance (by using Digital Certificate Manager). The *ADMIN instance uses HTTP protection directives to require a user ID and password. When you use SSL, your user ID and password are encrypted (along with all the other information about your configuration that appears on the administration forms).
- Use a firewall both to prevent access to the *ADMIN server from the Internet and to hide your system and domain names, which are part of the URL.
When you perform administration functions, you must sign on with a user profile that has *IOSYSCFG special authority. You might also need authority to specific objects on the system, such as the following:
- The libraries or directories that contain your HTML documents and CGI programs.
- Any user profiles that you plan to swap to within the directives for the server.
- The Access Control Lists (ACLs) for any directories that your directives use.
- A validation list object for creating and maintaining user IDs and passwords.
With both the *ADMIN server and TELNET, you have the capability to perform administration functions remotely, perhaps over an Internet connection. Be aware that if you perform administration over a public link (the Internet), you might be exposing a powerful user ID and password to sniffing. The ″sniffer″ can then use this user ID and password to attempt to access your system using, for example, TELNET or FTP.
The HTTP directives provide the foundation for all activity on your server. The shipped configuration provides the capability to serve a default Welcome page. A client cannot view any documents except the Welcome page until the server administrator defines directives for the server. To define directives, use a Web browser and the *ADMIN server or the Work with HTTP Configuration (WRKHTTPCFG) command. Both methods require *IOSYSCFG special authority. When you connect your system to the Internet, it becomes even more critical to evaluate and control the number of users in your organization who have *IOSYSCFG special authority.

Notes:

TELNET, the Sign On display is treated like any other display. Although the password does not display when you type it, the system transmits it without any encryption or encoding.
With the *ADMIN server, the password is encoded not encrypted. The encoding scheme is an industry standard, and thus commonly known among the hacker community. Although the encoding is not easily understood by the casual ″sniffer,″ a sophisticated sniffer probably has tools to attempt to decode the password.

Security tip: If you plan to perform remote administration over the Internet, you should use the *ADMIN instance with SSL, so that your transmissions are encrypted. Do not use an insecure application. If you are using the *ADMIN server across an intranet of trusted users, you can safely use this for administration.