uStore Security Features

Summary: This article describes uStore security features.


Overview

uStore is an e-commerce platform offering Web-2-Print and VDP capabilities. Storefronts based on uStore are exposed to the World Wide Web and are publicly available.

uStore Storefront customers enter their credentials, billing information and other sensitive details in the store, as well as upload their documents, images, mailing lists and other files which might contain sensitive information.

Therefore, uStore must offer a secure and safe environment. This article describes uStore security features.

Back Office

The uStore Back Office should not be publicly available on the web and, therefore, is not covered in this article. By default, proxy servers do not route web traffic to the Back Office ([domain]/uStoreAdmin), and it is only available from the LAN.

SSL

Sensitive information should be transferred between the client and the server using a secure means of transport, such as SSL (HTTPS).

An SSL certificate should be installed on the uStore server. Any store created in uStore can be configured to use the HTTPS protocol instead of the HTTP protocol.

XMPie customers are responsible for purchasing and installing an SSL certificate.

SSL settings can be found in Back Office > Store Setup > Advanced:

Not Secured – HTTP will be used. This mode is good for a test store as well as for a development server.

Secure All – HTTPS will be used on all pages.

Secure Critical Points – HTTPS will be used on pages submitting credentials, personal information or payment details. Other pages will use HTTP to avoid the SSL performance overhead.

Users

uStore has an enhanced authentication and permissions mechanism, which makes sure that customers can only log in to stores they are allowed to access.

Moreover, it is possible to restrict customers to certain products or product groups, and to prevent customers from checking out orders.

Registration

The uStore registration mechanism has a CAPTCHA feature, which can be enabled on the store level to make sure only human customers register with the store.

uStore also has an activation feature, which can be enabled for a store in order to make sure customers register using a real email address, and one that they really have access to.

It is also possible to integrate a custom registration page, in which uStore customers can implement their own UI and logic for customer registration.

Registration settings are configured in Back Office > Store Setup > General.

Passwords

uStore has a password policy feature, which can be enabled on the store level and can enforce the following:

1. A certain password format, defined mainly by minimum and maximum number of characters of different types.

2. Passwords can expire after a certain number of days.

3. An account can be locked out after a certain number of login attempts, and can be unlocked after a certain amount of time.

Password policy settings are configured in Back Office > Store Setup > Permissions.

SQL Injection

Websites that store or process data will usually use some sort of Structured Query Language (SQL) database as a back-end repository. This database can be used to store anything from product and customer information to usernames and passwords.

Copying user input into the SQL database query string and executing that query can lead to SQL injection vulnerabilities. SQL injection vulnerabilities can allow cyber-criminals to collect sensitive information stored in the database and to completely take over the vulnerable system.

uStore uses a common technique, known as “parameterized queries” (or “prepared statements”), in order to cope with the risk of SQL injection. The implementation of parameterized queries is documented on the OWASP website (https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet).

This technique is used in queries made internally by uStore, as well as in queries that can be configured by uStore administrators for some advanced features offered by uStore.
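
The difference between a concatenated query and a parameterized one, as an added example that is not uStore's own code: it uses Python's built-in sqlite3 module as a stand-in database, and the table, rows and inputs are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, email TEXT, store TEXT)")
    db.executemany(
        "INSERT INTO customers (email, store) VALUES (?, ?)",
        [("alice@example.com", "store-a"),
         ("bob@example.com", "store-b"),
         ("o'brien@example.com", "store-a")],
    )
    return db

def find_concatenated(db, email):
    """BEFORE: user input is copied into the query string (injectable)."""
    query = "SELECT email FROM customers WHERE email = '" + email + "'"
    return [row[0] for row in db.execute(query)]

def find_parameterized(db, email):
    """AFTER: the query text is fixed; input is bound as data via a placeholder."""
    query = "SELECT email FROM customers WHERE email = ?"
    return [row[0] for row in db.execute(query, (email,))]

def demo():
    """Run both lookups against hostile and legitimate input and collect the results."""
    db = make_db()
    hostile = "nobody' OR '1'='1"   # constructed input that rewrites the WHERE clause
    legit = "o'brien@example.com"   # legitimate input that happens to contain a quote
    results = {
        "concat_hostile": find_concatenated(db, hostile),   # every row comes back
        "param_hostile": find_parameterized(db, hostile),   # treated as a literal: no match
        "param_legit": find_parameterized(db, legit),       # quote handled correctly
    }
    try:
        find_concatenated(db, legit)
        results["concat_legit_error"] = False
    except sqlite3.OperationalError:
        # The stray quote breaks the SQL syntax, a common symptom of concatenation.
        results["concat_legit_error"] = True
    return results

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The SQL errors that concatenation produces on ordinary input containing a quote are worth watching for in application logs, since they point at queries that are not parameterized.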

Cross-Site Scripting

Cross-site scripting is a security vulnerability which enables a cyber-criminal to execute client-side script, which might be harmful.

Cross-site scripting is prevented by default by the ASP.NET platform on which uStore is based. However, in some cases, cross-site scripting is enabled in uStore Back Office by design. In those cases, uStore administrators may enter HTML and JavaScript code for particular fields. By doing so, a uStore administrator can customize the Product Details page with anything HTML and JavaScript has to offer.

Please keep in mind that the Back Office should not be publicly available, and that cross-site scripting is not possible from the Storefront, so security is maintained.

Example (screenshots omitted): Back Office: Product Details Step Configuration; Storefront: Product Details Step.

Cross-Site Framing

Cross-site framing means that a web page can be embedded in a frame by another page. It is considered a security vulnerability as a cyber-criminal can exploit it in order to replicate the look and feel of a page, and in fact create a phishing site in which sensitive information can be retrieved from victims.

Cross-site framing is enabled in uStore by design. It enables uStore customers to embed uStore in their website, for example, as a Facebook application.

Cross-site framing is not a high-risk vulnerability and can be prevented by uStore customers in a number of ways, if necessary.

For more details on how to prevent cross-site framing, visit the OWASP website: https://www.owasp.org/index.php/Clickjacking_Protection_for_Java_EE

Cookies

Cookies are used by web applications in order to keep information on the client side, and in order to keep the state of the connection to the server (known as session). A cyber-criminal obtaining a cookie may take over a user’s session and exploit it to retrieve sensitive information.

uStore cookies are HTTP-Only cookies. HTTP-Only cookies can only be accessed from the server side, so a cyber-criminal obtaining such a cookie will not be able to exploit it.
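
A check for the two browser-facing controls described under Cross-Site Framing and Cookies, as an added example that is not part of uStore: it audits response headers for the HttpOnly cookie attribute and for a framing restriction (X-Frame-Options or CSP frame-ancestors). The header values, cookie names and the partner.example origin are constructed.

```python
# Constructed sample responses as (header, value) pairs; names and values are illustrative.
SAMPLE_DEFAULT = [
    ("Set-Cookie", "session_id=c0ffee; path=/; HttpOnly"),
    ("Set-Cookie", "ui_lang=en; path=/"),
]
SAMPLE_HARDENED = [
    ("Set-Cookie", "session_id=c0ffee; path=/; Secure; HttpOnly"),
    ("Content-Security-Policy",
     "default-src 'self'; frame-ancestors 'self' https://partner.example"),
]

def cookie_attrs(set_cookie_value):
    """Return (cookie name, set of lower-cased attribute names) for one Set-Cookie value."""
    parts = [p.strip() for p in set_cookie_value.split(";") if p.strip()]
    name = parts[0].split("=", 1)[0]
    return name, {p.split("=", 1)[0].strip().lower() for p in parts[1:]}

def frame_policy(headers):
    """Return the framing restriction a response declares, or None if any site may frame it."""
    xfo = None
    for key, value in headers:
        if key.lower() == "content-security-policy":
            for directive in value.split(";"):
                tokens = directive.split()
                if tokens and tokens[0].lower() == "frame-ancestors":
                    # frame-ancestors takes precedence over X-Frame-Options
                    return "frame-ancestors " + " ".join(tokens[1:])
        elif key.lower() == "x-frame-options":
            xfo = "x-frame-options " + value.strip().upper()
    return xfo

def audit(headers):
    """List cookie and framing findings for one response."""
    findings = []
    for key, value in headers:
        if key.lower() == "set-cookie":
            name, attrs = cookie_attrs(value)
            if "httponly" not in attrs:
                findings.append(f"{name}: no HttpOnly, readable by client-side script")
            if "secure" not in attrs:  # Secure is not discussed on the page; checked as an extra
                findings.append(f"{name}: no Secure, also sent over plain HTTP")
    if frame_policy(headers) is None:
        findings.append("no framing restriction: any site can embed this page")
    return findings

if __name__ == "__main__":
    for label, sample in (("default", SAMPLE_DEFAULT), ("hardened", SAMPLE_HARDENED)):
        print(label, audit(sample))
```

A store that is meant to be embedded in another site can list the allowed embedding origins in frame-ancestors rather than leaving framing open to every site.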

File Upload

uStore enables customers to upload their images, recipient lists and documents. Such file uploads are restricted to certain file types, so a customer cannot upload malicious files. However, files uploaded to the server may contain viruses which may be harmful, so anti-virus software should be installed on the uStore server.

Created by: Ben Pelkinson, last updated: November 18, 2013