WordPress is one of the most popular CMS systems. It is easy to use, can be run in the cloud or on premise, and offers a wide range of plugins and themes. WordPress is available for almost 20 years. It has a huge community and allows to run a web Read more…
In the first part of this small series I described how I found an “internal” page from SAP: the SAP Help Portal status page. Intended to be accessible to everyone, the layout made it appear to be for internal and authenticated access only. While this was solved rather quickly, SAP Read more…
„We take security seriously“ or „we take your privacy and security seriously” is what you hear from every company that offers some kind of service on the internet. It is what customers want to hear, what shareholders want to hear, and of course, what employees want to hear. After all, Read more…
Note: the Customer Influence website is currently down. The HANA Logon App for e.g. Admin, IDE, Repo is still accessible: https://influence.sap.com/sap/hana/xs/formLogin/login.html Recently I looked at the SAP Customer Influence website. Besides an interesting OData service I came across several other points I think are worth to mention. At the time Read more…
Certificate pinning aims to close a trust problem that comes with PKI architecture: you trust the certificate authority (CA) and assume that the server is valid, because you trust the CA. Certificate pinning aims to ensure that you also can also trust the server. How is pinning going to achieve Read more…
SSL is out, TLS is the new kid in town (although already pretty old) and to keep security high on your SMP3 server, a question remains: how to enable TLS on SMP3? Easy: it is already configured! By default, SMP3 comes with TLS enabled. The trick is to configure it Read more…
Having a SSL certificate installed and available in IIS, access to web sites / applications can be secured using SSL. Next step is to secure the access to the Afaria Web Application. This will be done by activating SSL for the entire web site, that is: all resources under the Read more…
Updating a system with SUM is as easy as walking into Mordor. Upgrading a SPS needs you to have a stack XML and when you put SCAs that are signed into a folder, you still have to ensure that SUM can verify the validity of the files. To do so, SUM Read more…