Security
Portal security features
Portal is kept up to date with the mainline release of Backstage so that it stays current with patches and updates that protect against known vulnerabilities.
Portal encrypts your Backstage config using aes-256-cbc when stored in the database.
Known risks
Root Admin Login
The root admin login page, when active, is accessible to all users, and only has password protection. It should only be used for initial setup and recovery mode to minimize risk of unauthorized access. Ensure you deactivate recovery mode after you have recovered your instance.
Denial of Service Attacks
Without a mitigation strategy, Portal's backend is vulnerable to denial of service attacks. Such attacks can block authenticated access to your instance. One recommended way to protect your deployment from a denial of service attack is to deploy it behind an authenticating proxy such as AWS’s ALB, GCP’s IAP, or Cloudflare Access.
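One way to apply the authenticating-proxy recommendation above with an AWS ALB, shown as an added Terraform example that is not taken from the Portal documentation. All variable and resource names are assumptions, and the OIDC values come from your own identity provider.

```hcl
# Added example: every name and variable here is an assumption, not a Portal default.
variable "vpc_id" {}
variable "alb_arn" {}
variable "alb_security_group_id" {}
variable "certificate_arn" {}
variable "portal_target_group_arn" {} # target group containing the Portal backend
variable "portal_port" {}             # port your Portal backend listens on
variable "oidc" {
  sensitive = true
  type = object({
    issuer = string, authorization_endpoint = string, token_endpoint = string,
    user_info_endpoint = string, client_id = string, client_secret = string
  })
}

# ALB authentication actions require an HTTPS listener.
resource "aws_lb_listener" "portal_https" {
  load_balancer_arn = var.alb_arn
  port              = 443
  protocol          = "HTTPS"
  certificate_arn   = var.certificate_arn
  default_action { # unauthenticated requests are sent to the identity provider
    type = "authenticate-oidc"
    authenticate_oidc {
      issuer                     = var.oidc.issuer
      authorization_endpoint     = var.oidc.authorization_endpoint
      token_endpoint             = var.oidc.token_endpoint
      user_info_endpoint         = var.oidc.user_info_endpoint
      client_id                  = var.oidc.client_id
      client_secret              = var.oidc.client_secret
      on_unauthenticated_request = "authenticate"
    }
  }
  default_action { # only requests that passed authentication are forwarded
    type             = "forward"
    target_group_arn = var.portal_target_group_arn
  }
}

# The backend accepts traffic only from the ALB, so the proxy cannot be bypassed.
resource "aws_security_group" "portal_backend" {
  vpc_id = var.vpc_id
  ingress {
    from_port       = var.portal_port
    to_port         = var.portal_port
    protocol        = "tcp"
    security_groups = [var.alb_security_group_id]
  }
}
```

The security group matters as much as the listener: if the backend is reachable on any path other than through the ALB, unauthenticated requests can still reach it.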