Securing your IIS server

When ABBYY FlexiCapture 12 is deployed, the default IIS security configuration settings are used. You can also set up additional rules for specific requests to make your web server more secure.

Important! If you encounter the "Due to browser policy restrictions, this URL cannot be opened using the insecure HTTP protocol. Please use the secure HTTPS protocol or change your browser policy." error while working with a web station, it means that you are using the product in iFrame over the unsecured HTTP protocol. For more information about the causes of the error and possible workarounds, see iFrame restrictions.

The Content-Security-Policy Header

The HTTP Strict-Transport-Security Header

The X-Powered-By and X-AspNet-Version Headers

The X-XSS-Protection Header

The X-Content-Type-Options Header

The Server Header

The X-Frame-Options header

Slow HTTP POST vulnerability

Using HTTPS instead of HTTP

Using up-to-date TLS version and strong ciphers

Protection Against Distributed Denial-of-Service Attacks

11/15/2022 10:12:44 AM

Please leave your feedback about this article

Usage of Cookies. In order to optimize the website functionality and improve your online experience ABBYY uses cookies. You agree to the usage of cookies when you continue using this site. Further details can be found in our Privacy Notice.