How to enable or disable HTTP communications with the Database Security Server

Technical Articles ID: KB94362
Last Modified: 9/14/2021

Environment

McAfee Database Security Server
Microsoft Windows Server - all supported versions
Linux - all supported versions

Summary

In Database Security Server 4.8.2 and earlier, the web console allows connections via both HTTP and HTTPS.

From version 4.8.3 and later, under new installation scenarios, HTTP was removed in favor of a more secure HTTPS only solution.

NOTE: For existing Database Security Server installations, the existing configuration remains intact when upgrading to 4.8.3 or later.

A user can enable or disable HTTP communication by modifying the “connector” entries in the conf/server.xml. It’s recommended to disable the HTTP connector for security reasons.

To disable HTTP communication:

Stop the Database Security Server service.
Back up the <DatabaseSecurityInstallDir>\conf\server.xml file by copying the file to a safe directory and open the file at <DatabaseSecurityInstallDir>\conf\server.xml.
Locate the "connector" XML element. There can be more than one element. The HTTP "connector" can be identified as not having a "scheme" attribute.
The "connector" which has the attribute "scheme="https"" is the secure connector and needs to be retained. Below is an example of an HTTP connector to be disabled:

Comment out or remove the HTTP connector to disable HTTP communication.
Save the file.
Start the Database Security Server service.

NOTE: The server.xml configuration file for the Database Security Server is in XML format. Commenting and uncommenting a body of text in this file needs to strictly adhere to XML comment tag syntax.

To enable HTTP communication:

Stop the Database Security Server service.
Back up the <DatabaseSecurityInstallDir>\conf\server.xml file by copying the file to a safe directory and open the file at <DatabaseSecurityInstallDir>\conf\server.xml.
Locate the "connector" XML element. There can be more than one element. The HTTP "connector" can be identified as not having a "scheme" attribute.
The "connector" which has the attribute "scheme="https"" is the secure connector and needs to be retained. Below is an example of an HTTP connector to be enabled:

<!-- http connector has been deprecated.

Add the HTTP connector to enable HTTP communication.
Save the file.
Start the Database Security Server service.

Affected Products

Database Activity Monitoring 5.3.x
Database Activity Monitoring 5.2.x
Database Activity Monitoring 4.8.x
Database Activity Monitoring 4.7.x
Database Activity Monitoring 4.6.x (EOL)

Languages:

This article is available in the following languages:

English United States
Spanish Spain
French
Italian
Portuguese Brasileiro

Glossary of Technical Terms

Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.

Knowledge Center

How to enable or disable HTTP communications with the Database Security Server

Environment

Summary

Affected Products

Languages:

Glossary of Technical Terms

Title

Title

Knowledge Center

How to enable or disable HTTP communications with the Database Security Server

Environment

Summary

Affected Products

Languages:

Glossary of Technical Terms

Choose your region

Title

Title