Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space EDITLWSERVER and version 1.1.1

...

  • Run SERVER as a process pair (use the --backupcpu option).
  • Run at least one SWORKER process.
  • Start as many SWORKERs as needed according to anticipated load, each in different processors.
  • The SERVER process distributes load across available SWORKERs to the SWORKER with the least number of connections
  • If large numbers of TCP/IP connections are anticipated, configure multiple --service-ports using separate TCP/IP processes.
  • If TMF transactions are being used (by client applications or in API definitions).
    • Consider setting --max-tx-timeout to set an absolute limit on TMF transaction timeouts.
    • Consider setting --default tx-timeout to set the default TMF transaction timeout if not specified by client or API.
  • Leave HTTP logging disabled (installation default).
  • Use the monitor option where appropriate, to monitor changes to configuration files. See monitor.
  • Do not use diagnostic logging in performance sensitive environments unless absolutely necessary.

Security

  • Change the default administrator password!
  • Use Server Certificates and configure only https service portsHTTPS console and service ports.
  • Disable TLS v1.0 and v1.1 if possible. See --tls-protocols.
  • Use restrictive Access Control policiesPolicies.
  • Consider an external security appliance or reverse proxy if connected to untrusted networks.
  • Maintain separate development and production LightWave Server instances.
  • Use the sensitive schema property to avoid disclosing sensitive data in logs. See Sensitive Data Masking.
  • Leave the 'lightwave-api-testing-service' disabled (installation default) in production instances.




LightWave Server 1.1.4