Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

AVEVA™ OSM Administration

TABLE OF CONTENTS

Security for OSM Application Server

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedApr 07, 2025
  • 1 minute read

Important: We recommend that IIS servers should follow Microsoft recommendations.

IIS Settings

We recommend the following items regarding security settings on the Web server.

HTTPS protocol

OSM supports only HTTPS protocol.

Enable OPTIONS

The OPTIONS method must be enabled to achieve Cross-Origin Resource Sharing (CORS). This is handled in the API in global.asax for handling requests for allowed methods.

Default Pages on IIS

On IIS, the default web pages on IIS may be considered to be blocked.
However, this is outside of Operational Safety Management application scope and needs to be considered according to the full usage of IIS / web server including other hosted web applications.

Disable Debugging

The IIS web server can typically have ASP.NET debugging enabled by default.

We recommend that ASP.NET debugging is disabled.

APP pool user account

If you want to change the default application pool identity of the app pool, make sure you also give Full control permission for the physical application folder.

In This Topic
TitleResults for “How to create a CRG?”Also Available in