Best Practices - Osto Documentation

Follow these recommendations to optimize your security posture and manage the platform efficiently.

1. Managing Websites Efficiently

SSL Health: Always use valid, unexpired SSL certificates and keep them up to date to ensure visitor trust and data encryption.
Fast DNS Updates: Set your DNS record’s TTL to 600 seconds or lower when making changes to ensure faster propagation and minimal downtime.
Proactive Threat Defense: Regularly review and enable OWASP Top 10 settings in your Website Protection policies to stay protected against emerging threats.

Principle of Least Privilege: Assign users to groups and apply policies that grant the minimum level of access necessary for them to perform their roles.
Regular Audits: Periodically review your Device Control, URL Filtering, and Application Filtering settings to ensure they align with current business and security needs.
Dynamic Policy Management: Update policies as organizational roles change or new applications are introduced to prevent outdated or overly permissive configurations.

Firewall Configuration: Ensure your server firewalls are configured to allow inbound/outbound connections to and from Osto’s IP ranges for seamless access.
Unique Credentials: Use unique access keys and credentials for each server and user combination to enhance security and simplify auditing.
Log Monitoring: Regularly review access logs for your secure servers to identify and investigate any unauthorized or anomalous access attempts.

Strict Rate Limiting: Configure strict but realistic rate-limiting rules on your websites and APIs to block brute-force attempts and other volumetric attacks.
Adaptive Bot Mitigation: Regularly review and update your bot mitigation settings to identify and block new and sophisticated automated attack patterns.
Monitor for Anomalies: Use the dashboard and audit logs to actively monitor for unusual activity and address potential threats before they escalate.