SharePoint Framework (SPFx) is a page and web part model that provides full support for client-side SharePoint development. You can use modern web technologies and tools to build productive experiences and apps that are responsive and mobile ready. To set up the development environment, you have to install the following tools:
NodeJS
Yeoman
Gulp
You will also need to install a code editor such as Visual Studio Code, Sublime Text, Atom, or WebStorm.
In part 4, we sanitized the response headers from the SharePoint portal by modifying them through web.config custom header modification. Unfortunately, during my testing not all response headers could be modified using this technique. Therefore we need to use a custom HTTP module to clean up the response headers. The following is the list of headers that will be removed from the response using this technique:
Server
X-AspNet-Version
X-SharePointHealthScore
SPRequestGuid
X-Powered-By
MicrosoftSharePointTeamServices
SPIisLatency
SPRequestDuration
X-MS-InvokeApp
We also want to add additional response headers:
In part 2, I introduced a reverse proxy server as an answer to securing a SharePoint public site. As the reverse proxy is independent from the SharePoint server farm, this avenue gives more independence in the methods or items to secure. In part 3, I will show how to configure an IIS server as a reverse proxy and configure SharePoint AAM, so that the user will be able to access SharePoint through the reverse proxy.
Before you continue reading, you need to configure the IIS reverse proxy.
In part 1, I elaborated on the challenge in the SharePoint default configuration and the default response headers produced by the WFE. In part 2, I will show how to clean the response headers and add an additional layer of protection. To the standard SharePoint deployment, we add a reverse proxy that will act as an intermediary between the user (external client) and the SharePoint farm. So our diagram will change as follows:
In computer networking, a reverse proxy is a type of proxy server that retrieves resources on behalf of a client from one or more servers.
In this post I will share how to secure a SharePoint public site and follow the recommendations of the OWASP Top Ten. The OWASP Top Ten is a powerful awareness document for web application security. It represents a broad consensus about what the most critical web application security flaws are. The goal here is to keep the changes to the standard SharePoint installation as minimal as possible, so that the security rules will be applied independently.
SharePoint 2016 installation offers a minimal role configuration where the administrator can choose one of several roles:
Single Server Farm
Front End
Application
Distributed Cache
Search
Custom
You will choose the role during installation, and the installer will activate only specific services based on the selected role.
So how can we change the role after SharePoint has been provisioned?
Fortunately, Microsoft provides a simple user interface to convert from one role to another.
I have been using their service for a year, but I forgot to put it in my blog until last week, when they notified me about my SSL certificate expiration. Eventually I forgot all the steps to create the certificate - but I managed to renew my SSL certificate for another year for FREE! Before going further, let me confess that I am using StartSSL PKI. I stumbled upon their offer after googling to find economical SSL certificate creation.