Solar Archive Knowledge Base
  • 👋Welcome
    • Solar Archive's Structure
    • Contacting Support
    • Selling Email Archiving
    • White-label / Private Label
  • ⚡Quick Start
    • 1️⃣Creating a Tenant
    • 2️⃣Setting up Live Email Feed
    • 3️⃣Importing Old Email
    • 4️⃣Creating User Accounts
    • 5️⃣Checking Live Mail Receipts
    • ✅Finished Setup
    • 🆕Automated Onboarding
      • 1️⃣Admin Setup
      • 2️⃣Tenant Setup
      • 🔄Data Import
      • ☑️User Setup
  • 🧑‍🦲Managing Users
    • User Types
    • Creating Local User Accounts
    • Creating Basic User Accounts
    • Creating Data Guardian User Accounts
    • Creating Privileged User Accounts
    • Searching the User Directory
    • Adding a Delegation Link
    • Adding as Delegate
  • 🧙‍♂️Managing Tenants
    • Setting up a T1 Tenant
    • Setting up a T2 Tenant
    • Setting up a T3 Tenant
  • ⚙️Basic Configuration
    • Accessing Admin Options
    • Updating Company Information
    • Configuring Outbound Email Settings and Email Alerts
    • Configuring Global Account Settings
    • Managing Mail Server Connections
    • Configuring LDAP Settings
    • Managing Email Domains
    • Managing Email Addresses
    • Configuring Email Collector
    • Configuring SMTP Service Settings
    • Downloading / Emailing System Logs
    • Managing Exclusion Rules
  • ⚒️Advanced Configuration
    • Enabling Premium SSO
    • Configuring OAuth Connection Settings
    • Configuring Google Workspace OAuth and Service Account
    • Configuring Okta
      • Configuring Okta with SAML
      • Configuring Okta with SSO
    • Configuring Advance Company Settings
    • Setting Retention Period
    • Setting Search Date Limit
    • Setting Report Consolidation Period
    • Setting Case Folder Configuration Limits
    • Configuring Global Settings
    • Configuring SMTP Settings
    • Configuring Web Security Settings
    • Configuring System Alert Settings
    • Managing LDAP Search Filters
    • Viewing Company Summary
    • Managing Date Formats
    • Managing Headers
    • Configuring Error Email Respool Settings
    • Configuring De-Duplicated Email Respool Settings
    • Configuring Excluded Email Respool Settings
    • Configuring Windows File Share Settings
    • Tenant Deletion Procedure
    • Adding Custom Scripts to your Archive
    • Setting up Stubbing
    • OAuth Setup with Solar Archive
  • 🗃️Using the Archive
    • 🔎Search
      • Searching your Archive
      • Saving your Search
      • Sharing your Search
      • Filtering Search Results
      • Search (Classic Interface)
    • 📦Spaces
      • Creating a Space
      • Adding to a Space
      • Sharing a Space
    • 📄Results
      • Downloading a Single Result
      • Downloading Multiple Results
      • Printing Results
      • Result Headers
      • Forward Results
      • Restore Results
      • Saving to Space
      • My Archive
    • ⏳History
      • Saved Searches
      • Recent Search History
  • 🔐Legal Hold
    • Creating a Legal Hold Request
    • Managing Legal Hold Requests
  • 🗑️Authorised Delete
    • Requesting a Deletion
    • Managing Deletion Requests
  • 🏛️Archive Management
    • 🧲Importing Data
      • 📥Mailbox Reader
        • Creating a New Mailbox Reader Import
        • Monitoring Mailbox Reader Imports
      • 🗂️Configuring Folder Replication
        • Getting Started
        • Configuring a new Connection for Folder Replication
        • Monitoring Folder Replication
        • Completion of Folder Replication Process
        • Using Folder Replication
    • 🎨Branding
    • 💰Billing
      • Monitoring Usage
      • Submitting Reports
  • 🔌Outlook Add-in
    • Local Add-in Install
    • Centralised Add-in Install
    • Introduction to the Outlook Add-in
    • Searching via the Outlook Add-in
    • Pinning the Outlook Add-in
    • Continuing your Add-in Search on the Archive Interface
  • 🛰️Release Notes
    • 26-01-2024 (v9.4.4-b69-00)
    • 11-10-2023 (v9.4.4-b52-00)
    • 10-05-2023 (v9.4.4-b52)
    • 06-03-2023 (v9.4.4-b50)
    • 20-01-2023 (v9.4.4-b46)
    • 06-05-2022 (v9.4.4-b29)
    • 28-01-2022 (v9.4.4-b21)
    • 09-12-2021 (v9.4.4-b15)
    • 15-10-2021 (v9.4.4-b14)
    • 05-10-2021 (v9.4.4-b12-00)
    • 30-07-2021 (v9.4.3-b8)
    • 18-05-2021 (v9.4.3-b7)
    • 19-02-2021 (v9.4.3-b1)
    • 04-02-2021 (v9.4.2-b20)
    • 15-01-2021 (v9.4.2-b17)
  • OAuth setup with Office 365
Powered by GitBook
On this page

Was this helpful?

  1. Advanced Configuration

Configuring Web Security Settings

Configuring your archive's web security settings

The Web Security Settings section allows Administrators to configure settings that prevent malicious execution of code either on Solar Archive itself, or on the end user PC via the Solar Archive Web.

  1. Navigate to Adv Configuration > Web Security Settings.

  2. Enter / Select the required values in the fields. Refer to the table below for field names and descriptions.

  3. Click "Save"

Note: Please hover over the on-screen information for additional information about field names and related areas.

Field
Description

Referrer Validation Level

Validation level for links coming from referrer sites.

Allowed Referrer Hosts

List of hostnames / host addresses from which URL links to Solar Archive web will be allowed. This field plays two key roles: - Intranet links to Solar Archive: To prevent websites that you are not aware of from linking to this Solar Archive system. In theory, a malicious third party web site may try to mask the Solar Archive web behind its own UI. Therefore, for your internal intranet web or any other portals that you know about that link to the Solar Archive web you will need to add their hostname to the referrer list here. Without this your users will see an “Unknown Referrer – access denied” message – showing the referrer hostname that is not known to Solar Archive. - Stubbing URL Links when security is enabled (transport agent / OWA Plugin): Stubbing services will convert attachments in Exchange Emails to URL links. These URL links will open the attachment from Solar Archive. If Stubbing URL Security is enabled then every time a Stub URL link is followed, Solar Archive will try to obtain the users username to see if they are valid to view the attachment [a sender or recipient of the email containing the attachment]. However, to allow the “Transport Agent” and the “OWA Plug-in” will also follow these URL links. However they will need to bypass the security check. So enter the server name / IP address on which the Transport Agent and OWA Plug-In are installed.

Malicious web parameter handling

Action that should be taken to handle malicious web parameter.

Filter web parameters with AntiSamy

Specifies whether or not the feature of filtering web parameters with AntiSamy is turned On.

Display HTML editor controls

Specifies whether HTML editor controls are shown or hidden to the users.

Ensure HttpOnly cookie

Specifies whether or not HttpOnly cookie should be used to prevent illegitimate access.

Force a login check for stubbing URL Links

Specifies whether or not users are checked and must be a sender or recipient of the email that contains the attachment.

Protection against framing attacks

Specifies whether or not other websites should be prevented from framing pages of Solar Archive web application.

Discard web requests containing unsafe characters in ‘referer’ header

Specifies whether or not referer headers, in web requests, are checked, for potentially unsafe value.

PreviousConfiguring SMTP SettingsNextConfiguring System Alert Settings

Last updated 2 years ago

Was this helpful?

⚒️