This chapter describes how to run an Axon Ivy Engine in a secure way. This is important when providing an ivy engine in a secure intranet environment and especially when making an engine accessible over the internet. Some parts might be done by the IT Operation provider:

  1. Run the Axon Ivy Engine behind a fully patched reverse proxy server (like NGINX, Apache http or IIS).

  2. Disable direct access to the Axon Ivy Engine.

  3. Only allow access to the URLs of your application and block all other access.

  4. Run the Axon Ivy Engine with a dedicated system user and database users with limited access rights.

  5. Run the latest Axon Ivy Engine major version with all updates marked as security relevant.

  6. Only serve users over HTTPS (configured on the reverse proxy).

  7. Document and automate the server setup.

  8. Ensure that the provider performs daily backups (database, relevant engine folders).

digraph overview {  
  browser [label="Browser" pos="0,2.5!" width=1];
  reverseproxy [label="Reverse Proxy" pos="2.25,2.5!" width="1.5"];  
  engine [label="Axon Ivy\nEngine" pos="5.4,2.5!" height=0.8 width=1.5 color="#C7D426" fontcolor="black"];   
  systemdb [label="System\nDatabase" pos="8,2.5!" width=1.5 height=0.8]

  browser -> reverseproxy [label="HTTPS"];
  reverseproxy -> engine [label="HTTP\nHTTPS"];
  engine -> systemdb [label="JDBC"];

Read more about other security tweaks which can be applied to an Axon Ivy Engine: