Sprint 53-54 - October 9th, 2024

  • Feature
Improvements in back-office
DESCRIPTION

We have been working with improving the back-office. Specifically, we’ve worked on improving the speed within multiple areas in the back-office.

  • Feature
Action plan to mitigate hacking attempts on AO platform
DESCRIPTION

Recently we have had some hacking attempts on our platform.

Quick overview of the hacking attempts: hacker mainly tries to exploit publicly available endpoints by querying them with a moderate number of requests. Typically, from a couple of minutes to an hour.

We have created an action plan to mitigate these attempts:

  1. Change the request signature algorithm

  2. Explore the possibility to obfuscate the request signature algorithm

  3. Review hacking attempts logs to assess the impact

  4. Implement a rate limiter (per IP per endpoint per API key) to prevent brute force attacks

  5. Implement a WAF (Web Application Firewall) to filter out malicious requests – ModSecurity for nginx is a good choice

  6. Revise a Content Security Policy (CSP) to prevent XSS attacks

  7. Revise a public endpoints code to prevent SQL injection

  8. Make the input validation for elastic search queries more strict to prevent garbage input

  9. Add ModSecurity metrics to the monitoring system and setup alerts

  10. Explore the possibility to implement a honeypot to distract hackers

  11. Discuss the possibility to block / grey-list IPs that show suspicious activity

No data