Developer forum

Forum » CMS - Standard features » Disabling Dynamicweb Security

Disabling Dynamicweb Security

E-mail notifications
Zayar Minn Dynamicweb Employee
Zayar Minn
Reply
Posted on 05/05/2025 08:29:54

Hi,

One of our customers has requested to disable Dynamicweb's native security features. From our side, we do not recommend this, as these features play an important role in protecting the application against common vulnerabilities, even if there are external defenses like Cloudflare in place.

However, I'd like to hear your opinion on this request, especially regarding the overall impact of disabling native security protections.

Additionally, what are your thoughts on specifically disabling:

  1. "Do not ban for SQL Injection"
  2. "Activate antispam functionality"

Looking forward to your feedback.


Replies

 
Nicolai Pedersen Dynamicweb Employee
Nicolai Pedersen
Posted on 05/05/2025 16:52:00
Reply
This post has been marked as an answer

You can disable it - they are 'additonal' scanning layers on top of the application - and if they use cloudflare or others, that would be just as fine.

If you keep SQL injection enabled and check "Do not ban for SQL Injection", you will still run the security, but the IP will not get banned and can continue to do attacks. Only impact should be the extra load on the application but should not be much.

Disabling antispam will maybe cause you to receive unwanted spam mails - but maybe not be an issue these days.

Votes for this answer: 1

 

You must be logged in to post in the forum