It's much more fun, when you can discuss your problems with others...
You are not logged in. Please login or register.
FrontAccounting forum → Installation → Website Compression
Hi,
I am trying to increase the security of my site hosting FrontAccounting. One of the security requirements is to remove the compression (gzip) of the site.
However, as soon as I do that, the third column in the reports section of FrontAccounting, seizes to work.
Anyone knows the reason for this?
Thanks in advance
Carmelo
Wird, I have no idea. Just curious, what is unsafe in using compression?
Janusz
The problem with compression is that it leaks information that can be used by a third party.
We are creating a PCI DSS Compliant site for Front Accounting as we want to protect the financial information of those using the site. Removing compression is one of the requisites. See the following:
https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls
Regards
Carmelo
Thanks, interesting article. Still I see no sensible explanation how html rendering in browser can depend on whether SSL compression is used or not. Have you tried to use Firebug or something similar to debug the problem?
Janusz
Firebug? That's a good idea.
Thanks
Carmelo
FrontAccounting forum → Installation → Website Compression
Powered by PunBB, supported by Informer Technologies, Inc.
Currently installed 4 official extensions. Copyright © 2003–2009 PunBB.