Security Hardening for your SmartHub Instance

Security Hardening for your SmartHub Instance
How to Exclude a File from Loading in a SmartHub page
How to Exclude Unused Integration Options from SmartHub

How to Add or Remove Response Headers

The <customHeaders> element of the <httpProtocol> element specifies custom HTTP headers that Internet Information Services (IIS) returns in HTTP responses from the Web server.

Navigate to the SmartHub directory<SmartHub_Installation_Root>
Search for web.config
Using a text editor, open web.config
Search for <customHeaders>
Between <customHeaders></customHeaders> add your request headers needed
Example:
<customHeaders>
<add name="X-Frame-Options" value="SAMEORIGIN" />
</customHeaders>
In case that you want to remove a response header, add
<remove name ="ExampleResponseHeader" />

How to Exclude a File from Loading in a SmartHub page

If you want to exclude files that are provided out-of-the box via theDefaultModuleSettings.jsfile, use theSH.Loader.PathsToExcludeobject in your custom settings file to exclude them. (default location:<SmartHub_Installation_Root>/modules/SmartHubResourceLoader/CustomSettingsTemplate.js)

In the next example, the ProximitySearch module is excluded.

Example

SH.Loader.PathsToExclude = [
    ["/modules/ProximitySearch/ProximitySearch.js"]
];

Note: Optional: After you exclude using above example a file, you can delete it from disk.

How to Exclude Unused Integration Options from SmartHub

If you want to exclude files that are provided out-of-the-box in the package from integration folder, you can delete it.

At update time, the folders removed from integration folder, must be delete it again.