
How to perform hardening on your Nodinite LDAP Web API

Protect your integration environment and ensure compliance by hardening your Nodinite LDAP Web API installation. This guide shows you how to enforce HTTPS, manage certificates, and restrict access for maximum security.

✅ Enforce HTTPS for all LDAP Web API traffic
✅ Secure and manage certificates for compliance
✅ Restrict access by IP and protect Swagger endpoints
✅ Meet enterprise security policies and best practices

Make sure you only allow and use the HTTPS protocol

Do use HTTPS

You should always use server-based certificates to enforce the HTTPS protocol and protect the privacy and integrity of data sent between the Client/Consumer and the LDAP Web API.

If you have a DNS/Alias name for your certificate, you can use a Web Site and redirect using a binding. Self-signed certificates work, but we do not recommend them for production.
Screenshot: Add a secure website in IIS for the Nodinite LDAP Web API.

  1. Select HTTPS and port 443
  2. Select the certificate to use

Require SSL

By default, IIS applications do not require SSL.
Screenshot: Default SSL setting in IIS.

You should check the Require SSL checkbox. To do so, you must first install a valid certificate (see 'Install certificate').
Screenshot: SSL required setting in IIS.

Install certificate

Internet Information Services (IIS) Server Certificate Installation Instructions

Restrict users by IP

The LDAP Web API does not use authentication, so you may need to restrict access by TCP/IP range.

Microsoft provides detailed instructions for configuring IIS to restrict access by IP Address. Review the user guide: IIS 8.0 Dynamic IP Address Restrictions
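
The Require SSL and IP restriction steps above can also be scripted. The following is an added example, not part of the Nodinite documentation: the site name, application name and address ranges are placeholders, and it assumes the WebAdministration module and the IIS "IP and Domain Restrictions" feature are installed. It configures a static allow list, not the dynamic restrictions described in the linked guide.

```powershell
# Added example; every name and address below is a placeholder (assumption).
Import-Module WebAdministration

$site     = 'Default Web Site'         # hypothetical IIS site hosting the API
$app      = 'LDAPWebAPI'               # hypothetical application name
$location = "$site/$app"
# Write to applicationHost.config: these sections are locked for web.config by default.
$apphost  = 'MACHINE/WEBROOT/APPHOST'
$access   = 'system.webServer/security/access'
$ipFilter = 'system.webServer/security/ipSecurity'
$allowed  = @(                         # constructed sample ranges for API consumers
    @{ ipAddress = '10.20.30.0'; subnetMask = '255.255.255.0' },
    @{ ipAddress = '127.0.0.1';  subnetMask = '255.255.255.255' }
)

# 1. Stop if the site has no HTTPS binding yet; requiring SSL without one
#    would make the API unreachable.
if (-not (Get-WebBinding -Name $site -Protocol https)) {
    throw "No HTTPS binding on '$site'. Add the binding and certificate first."
}

# 2. Same effect as the Require SSL checkbox under SSL Settings.
Set-WebConfigurationProperty -PSPath $apphost -Location $location `
    -Filter $access -Name sslFlags -Value 'Ssl'

# 3. Deny every client that is not explicitly listed.
Set-WebConfigurationProperty -PSPath $apphost -Location $location `
    -Filter $ipFilter -Name allowUnlisted -Value $false

# 4. Add allow entries, skipping addresses already present so reruns are safe.
$existing = Get-WebConfiguration -PSPath $apphost -Location $location -Filter "$ipFilter/add"
foreach ($range in $allowed) {
    if ($existing.ipAddress -notcontains $range.ipAddress) {
        Add-WebConfigurationProperty -PSPath $apphost -Location $location `
            -Filter $ipFilter -Name '.' -Value @{
                ipAddress = $range.ipAddress; subnetMask = $range.subnetMask; allowed = $true
            }
    }
}

# 5. Read the effective settings back for review.
[pscustomobject]@{
    SslFlags      = (Get-WebConfiguration -PSPath $apphost -Location $location -Filter $access).sslFlags
    AllowUnlisted = (Get-WebConfiguration -PSPath $apphost -Location $location -Filter $ipFilter).allowUnlisted
    AllowedRanges = (Get-WebConfiguration -PSPath $apphost -Location $location -Filter "$ipFilter/add").ipAddress
}
```

Run it from an elevated PowerShell session on the IIS server, and confirm from a host outside the allowed ranges that requests are rejected.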

Swagger

The LDAP Web API supports Swagger. You can access it by adding /swagger to the address. Only developers should access the Swagger endpoint.

Make sure to access the Swagger page only over HTTPS.
Screenshot: Secure access to Swagger documentation for the Nodinite LDAP Web API.