Securing the application
Note that the following two sections are normally already configured by default with Hopex V1R2-V1R3. You can check those, and tune up the second section depending on the timeout you want to put in place.
Hiding the error details
To prevent the end users from seeing the error details and get knowledge about how the application is written, some actions can be taken to hide those:
1. Open the Administration module of Mega on the web server (Administration.exe, in the installation module of Mega).
2. Open the options at the root level:
3. Go to “Installation”, and then “Web Application”, and change the option “Error display management in web front-end” to “Do not display message”:
4. Close the options and the Administration module.
5. Locate the web.config file of the “Hopex” web application (by default in “C:\inetpub\wwwroot\HOPEX”), and edit it.
6. Add the following key in the file :
<add key="HideErrors" value="1"/>
Activating the automatic logoff
You can activate an automatic logoff of the users after a certain time of inactivity. To do so:
1. Open the Administration module of Mega on the web server (Administration.exe, in the installation module of Mega).
2. Open the options at the root level:
3. Go to “Workspace”:
4. Check the box “Automatic Session Timeout”, and tune up the parameters “Period of inactivity requiring authentication”and “Duration of inactivity before closing MEGA” to the wanted values (by default, in minutes, they are set to 15 and 20, respectively) :
5. Click OK, and close the Administration module.
6. Restart the application to validate this whole configuration.
