Sysadmin

7664 readers

5 users here now

A community dedicated to the profession of IT Systems Administration

No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
!lemmy@lemmy.ml
!lemmyworld@lemmy.world
!lemmy_support@lemmy.ml
!support@lemmy.world

founded 1 year ago

MODERATORS

DarraignTheSane@lemmy.world

00Lemming@lemmy.world

L3s@lemmy.world

Is gstatic.com safe to whitelist on a secure network? (lemmy.world)

submitted 1 year ago by YourHuckleberry@lemmy.world to c/sysadmin@lemmy.world

6 comments fedilink hide all child comments

We're installing a new app on a secure network. The vendor has requested we allow access to gstatic.com. That seems overly broad to me and unsafe. Thoughts?

you are viewing a single comment's thread
view the rest of the comments

[–] toasteecup@lemmynsfw.com 6 points 1 year ago

Based on this quick article, https://softwarekeep.com/help-center/what-is-gstatic-com#:~:text=Gstatic%20is%20a%20special%20website,%2C%20pictures%2C%20and%20style%20sheets. It feels like just allowing all of gstatic is a bit of a security nightmare. I'd push back and have them identify the parts of gstatic they actually need for their website to work and allow those.

Alternatively, if this application needs a cdn but is only intended for local hosting in the secure network, perhaps a locally hosted cdn could be a good idea.

Without knowing the security in place it's hard to do much beyond give general maybe this or that.