Get started Bring yourself up to speed with our introductory content.

Why is the Web letting users into our database without login prompts?

I want my users to access their Notes email and databases from the Web by using Internet Explorer. But when I start HTTP services I find that anyone can type in our IP address and see everything and even go to the database without any login prompts at all. So I have turned off HTTP services for now. Any suggestion on how to make this a secure process? Thanks.
You need to do a thorough review and adjustment to the Access Control List on your databases and your server security settings. Domino is a very secure Web server when it is set up correctly. In particular, look at the Anonymous access entry in each database ACL; you want this to be No Access. Also look at names.nsf / Server / Servers / <server name> / Internet Protocols / HTTP / Allow HTTP Clients to Browse. You want this set to No.

Dig Deeper on Lotus Notes Domino Policy Management

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.




  • iSeries tutorials

    Search400.com's tutorials provide in-depth information on the iSeries. Our iSeries tutorials address areas you need to know about...

  • V6R1 upgrade planning checklist

    When upgrading to V6R1, make sure your software will be supported, your programs will function and the correct PTFs have been ...

  • Connecting multiple iSeries systems through DDM

    Working with databases over multiple iSeries systems can be simple when remotely connecting logical partitions with distributed ...