Greetings. I have a Xojo Cloud account and I would like to monitor the account for intrusion detection.
How would one go about this ?
As I see it, a log file of persons accessing the Xojo Cloud front-end will allow for observation of IP address of prospective clients to the app.
But if a malicious actor gains access to the account (i.e. via SFTP) I do not see how I can monitor this.
Any thoughts ?
Intrusion detection is built-in to Xojo Cloud so you don’t have to worry about it. This is one of the benefits of Xojo Cloud. You can read more here:
Once you have an app that is accessible on the internet, security becomes very important. Most hosting providers provide little or no security, it’s left up to you. A simple firewall is not enough. We have a lot of security, the kind that would normally be prohibitively expensive. All Xojo Cloud servers are identically configured and it works because the IDE and the cloud are working together.
That said, this is part of the reason that we provide those cryptic SFTP passwords instead of letting users choose them. Resetting your SFTP password is as simple as turning SFTP off and on again.
Thank you Jason and Greg.
Yes I appreciate the issued passwords that the SFTP functionality in XC provides. I have done the same thing in my app which runs under XC. Users get issued passwords too.
From your answers it would seem that I can’t do intrusion detection on XC because I do not have enough privileges (and so if a malicious actor obtains access by some privileged exploit, then I won’t know).
Is it possible for Xojo to advise of penetrations of XC to affected users ?
Is it possible for Xojo to advise of penetrations of XC to affected users ?[/quote]
The honest answer is… It depends. If someone were to access your machine using a legitimate password through a sanctioned service, there’s not much to advise you of because we simply can’t tell if it’s you or someone else.
That said, services on Xojo Cloud servers don’t listen in any public interfaces unless they absolutely need to and the firewall is locked up tight by default except for the four or five ports that need to be open to maintain the server and for it to serve web apps.
Like any other server, Xojo Cloud servers are constantly being probed for weaknesses, but we do keep them up to date in terms of security updates.
Thank you Greg. Much appreciated.