Hardening Collabora Online Servers

Many server administrators care about hardening server software they’re running. The short version for Collabora Online is that there’s not much to do apart from putting it behind a reverse HTTPS proxy.

When developing Collabora Online we care a lot about building a proper security architecture. You might say it’s “hardened by design”. Office documents are only processed in isolated environments, which you can think of as containers. One environment per document file, freshly created on opening and deleted when the document is closed. We use the same up-to-date isolation technologies that power platforms like Docker, Kubernetes and OpenShift, as explained in our architecture documentation.

If you want to dive even deeper into the technology behind Collabora Online’s architecture, have a look at this blog post by my colleague Caolán.

The only hardening measure I recommend in general is using a reverse proxy to handle TLS/HTTPS termination. You can find proxy configuration templates here.

I’d also recommend making the proxying setup only as complex as strictly needed. Ideally a single reverse proxy. Maintain that proxy regularly and you’ll have a low-complexity setup that benefits both security and performance.

The only additional measure which might make sense for some scenarios is to enable anonymize_user_data for logging. It will hash sensitive data like filenames before logging them. You should also set anonymization_salt. And you might enable high_strength at a slight performance cost. See this link for explanations on each setting.

Advantage: Sensitive information like filenames is only logged as a hash value.
Disadvantage: When running into problems it’s harder to find clues in the logs.
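
The trade-off above, as an added sketch that is not Collabora Online's code: it shows how a salted hash keeps filenames out of the log while an operator who holds the salt can still trace a known document. HMAC-SHA-256, the function names, the salts and the log format are assumptions made for this illustration, not Collabora's actual hashing or log layout.

```python
import hashlib
import hmac

# Constructed values for illustration; a real salt should be random and secret.
SITE_SALT = 0x5EED5EED5EED5EED
OTHER_SALT = 1

def anonymize(value: str, salt: int) -> str:
    """Salted hash of a sensitive value (HMAC-SHA-256 is this sketch's choice)."""
    key = salt.to_bytes(8, "big")
    digest = hmac.new(key, value.encode("utf-8"), hashlib.sha256).hexdigest()
    return "#" + digest[:16]

def log_line(event: str, filename: str, salt: int) -> str:
    """Format a log entry that carries only the hashed filename."""
    return f"{event} file={anonymize(filename, salt)}"

def find_lines(log: list[str], filename: str, salt: int) -> list[str]:
    """Recompute the token for a known filename and return matching entries."""
    token = anonymize(filename, salt)
    return [line for line in log if line.endswith("file=" + token)]

def build_sample_log(salt: int) -> list[str]:
    """Constructed sample log: three events touching two documents."""
    return [
        log_line("open", "payroll-2024.ods", salt),
        log_line("open", "minutes.odt", salt),
        log_line("save", "payroll-2024.ods", salt),
    ]

if __name__ == "__main__":
    log = build_sample_log(SITE_SALT)
    print("\n".join(log))
    # With the salt, support staff can still trace one document through the log.
    print(find_lines(log, "payroll-2024.ods", SITE_SALT))
    # Without it, hashing a guessed filename does not match any entry.
    print(find_lines(log, "payroll-2024.ods", OTHER_SALT))
```

Because the same filename always maps to the same token under one salt, the salt has to be kept as carefully as the logs themselves.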

If you’re looking for other, specific hardening measures, that’s what Collabora offers professional support for. Please get in touch. My colleagues are happy to help implement your security policies.
