Launching a security check

i5/OSiSeries This feature is not applicable.

The Launch Security Check page of the WebSphere Commerce Administration Console allows you to manually launch a security program that checks and deletes temporary WebSphere Commerce files that may contain potential security exposures. Normally the security check program runs as a scheduled job and by default is set to run once a month.

To invoke the security check program:

  1. Open the Administration Console.
  2. Click Security >Security Checker.
  3. On the Launch Security Check page, click Launch.

The results of the security check, including all actions taken by the program are written to the Security check log window and to the sec_check.log file in the logs subdirectory:

AIXLinuxSun Solaris Operating EnvironmentWC_installdir/instances/instance_name/logs

WindowsWC_installdir\instances\instance_name\logs

Windows On non-Windows platforms, file permissions are automatically set by WebSphere Commerce in order that sensitive files cannot be accessed by unauthorized users. On Windows platforms, you need to set the permissions manually as follows. This procedure ensures that only the Administrators group has the read/write/execute right in for sensitive files:

  1. In Windows Explorer, right-click on the drive:\WebSphere folder.
  2. Click Properties and Security. By default the "Everyone" group has the all permission for this folder.
  3. Click Add.
  4. A window displays (Select users, computers...). In this window, select the Administrators Group.

    Note: This can be a bit ambiguous here, since you may see Administrator as a user, but you need to add the Administrator group, not the Administrator user.

    Click Add and then click OK.
  5. In the Security tab, the Administrators Group has been added. You need to remove "Everyone". Select Everyone and clear the box that says "Allow inheritable permission...."
  6. Click Remove on the Security window that is displayed.

Feedback