...
From the administrative command prompt, type the following command, substituting the name you gave to the Insight Server service:

```
sc config frevvoforms depend= <name of the Insight Server service>
```
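As an added example that is not part of the frevvo documentation, the same dependency change from PowerShell, followed by the check that confirms it took effect. The service names `frevvoforms` and `frevvoinsight` are assumptions; substitute the names you gave to the two services.

```powershell
# Added example, not frevvo's own script. Service names are assumptions.
# In PowerShell 'sc' is an alias for Set-Content, so call sc.exe explicitly.
$frevvoService  = 'frevvoforms'    # name given to the frevvo server service
$insightService = 'frevvoinsight'  # assumed name given to the Insight Server service

# depend= REPLACES the whole dependency list. If frevvoforms already depends on
# other services, list them all, separated by '/', e.g. "Tcpip/frevvoinsight".
# The space after '=' is required by sc.exe.
sc.exe config $frevvoService depend= $insightService

# Check 1: the Insight Server service must now appear under DEPENDENCIES.
sc.exe qc $frevvoService

# Check 2: the same information from the service cmdlets.
(Get-Service -Name $frevvoService).ServicesDependedOn |
    Select-Object -ExpandProperty Name
```

If the second check prints a name other than the Insight Server service, the dependency list was overwritten with the wrong value; re-run the `sc.exe config` line with the full `/`-separated list.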
Solr should be reachable only by the frevvo server, i.e. at http://localhost:8983/, and should not be remotely accessible. Most customers don't allow external HTTP access to a server (only HTTPS). Since Solr is not exposed over HTTPS (and, from a security perspective, shouldn't be), the remote code execution vulnerability is mitigated: a remote attacker cannot exploit it because the Solr port is not exposed. Another option is to block external access to port 8983, for example with firewall rules.

frevvo accesses Solr via the client API and does not use Velocity. It also encodes all Solr query parameters, so injection attacks via query parameters are not possible.
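The two checks a practitioner would run to confirm the exposure described above, plus the firewall option, as an added PowerShell example that is not part of the frevvo documentation. Port 8983 is from the page; the firewall rule name is an assumption, and the script assumes Solr runs on the same Windows host as the frevvo server.

```powershell
# Added example, not frevvo's own script. Assumes Solr and frevvo share one host.
$solrPort = 8983

# Check 1: which address is Solr bound to? 127.0.0.1 or ::1 means loopback
# only; 0.0.0.0 or :: means every interface, i.e. reachable from the network.
$listeners = Get-NetTCPConnection -LocalPort $solrPort -State Listen -ErrorAction SilentlyContinue
if (-not $listeners) {
    Write-Warning "Nothing is listening on port $solrPort (is Solr running?)"
} else {
    $listeners | Select-Object LocalAddress, LocalPort, OwningProcess
    $exposed = $listeners | Where-Object { $_.LocalAddress -in @('0.0.0.0', '::') }
    if ($exposed) {
        Write-Warning "Solr is bound to all interfaces; remote hosts can reach port $solrPort unless a firewall blocks it"
    }
}

# Check 2: the frevvo server itself must still reach Solr over plain HTTP on localhost.
Test-NetConnection -ComputerName localhost -Port $solrPort |
    Select-Object ComputerName, RemotePort, TcpTestSucceeded

# Option: block inbound TCP 8983 from any remote address. Windows Firewall
# exempts loopback traffic by default, so local access from frevvo keeps working.
$ruleName = 'Block remote access to Solr (8983)'   # assumed rule name
if (-not (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $ruleName -Direction Inbound -Protocol TCP `
        -LocalPort $solrPort -RemoteAddress Any -Action Block -Profile Any | Out-Null
}
# Confirm the rule covers the right port.
Get-NetFirewallRule -DisplayName $ruleName | Get-NetFirewallPortFilter |
    Select-Object Protocol, LocalPort
```

Run it from an elevated PowerShell session; `New-NetFirewallRule` requires administrator rights. The firewall rule is defence in depth: the primary control is still that Solr listens on loopback and is never published over HTTP or HTTPS to the outside.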
...