Security Architecture
In terms of security, the Xillio Link Redirector itself can be an interesting target for hackers due to the nature of the software: it is a proxy through which a potentially large number of requests will flow. Several procedures have been put in place to limit the risk of being vulnerable.
Security model
This model shows a generic setup with several best practices. It is strongly advised to use these security measures, such as a secure connection to your database and an encrypted configuration.
Secure Connections
All incoming traffic requires HTTPS using TLS v1.2 or later.
Because older legacy URLs are also supported, it is still possible to enable unsafe HTTP requests. However, configuring the Xillio Link Redirector to automatically redirect incoming HTTP traffic to HTTPS is strongly recommended. This can be done through the server.forceHttps directive in the configuration.
When setting up a database connection, it is strongly recommended to use an encrypted connection. For example, MongoDB or Postgres support SSL connections.
Access Control & Authentication
The Management API of the Xillio Link Redirector can listen on a different port, for which specific firewall rules can be configured. It is strongly recommended to use a whitelist of IP addresses to limit access to the Management API. The same whitelisting strategy can be applied to the Redirect Manager that is responsible for all incoming traffic (by default on ports :80 and :443).
To secure access to the Management API even further, several authentication methods can be implemented based on preference/configuration. Currently, Basic and Digest authentication, as well as JWT, are supported. More information on how to configure these authentication methods can be found in Configuring your application.
By authenticating requests to the Management API, the application is able to create an audit trail/log.
Encrypted configuration
When using the Xillio Link Redirector, credentials are required to connect to several third-party applications. Since this is highly sensitive information, safe storage of credentials is ensured by allowing the configuration file that contains them to be stored encrypted.
See Securing your configuration for more information on this topic.
Attack vectors
To conclude, this is how the Xillio Link Redirector keeps the attack surface as small as possible.
- Several security features:
  - Securing incoming/outbound traffic
  - Limiting access and requiring authentication on management endpoints
  - Encrypted configuration file
- We only process the incoming URL of a request to perform the redirect, and protect against all known remote execution throughout the processing of this URL.
- The Xillio Link Redirector runs in an isolated environment.
- It can be configured to do redirects without accessing files directly. This means that the browser of a user will be responsible for fetching, authenticating, and managing responses.