Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Web Folder functionality was previously called Simple File Networking (SFN).

This page outlines best practices for securely operating a Simple File Networking Web Folder server for BrightSign players.

Authentication

We recommend password-protecting the Simple File Networking Web Folder directory to prevent a third party from retrieving presentation content. There are two types of HTTP authentication supported by the Simple File Networking Web Folder protocol:

  • Digest Authentication: Negotiates with the server using a hashed password. This is the recommended authentication method.

  • Basic Authentication: Negotiates with the server using an un-hashed password. Because the password is vulnerable to interception, you should only use this method if Digest authentication cannot be implemented on the server.

To enable Digest authentication on a player, enter a User name and Password under Simple File Networking Web Folder Authentication during the Unit player Setup process. Digest authentication is used by default—if you wish to use Basic authentication instead, you must check the Enable basic authentication box.

title
Note
Note

If the player is already set up without authentication, you will need to perform Unit player Setup again to enable authentication.

Directory Indexing

If you cannot password-protect the directory containing BrightSign content and presentation files (i.e. the URL for web folder specified during device setup), you should restrict indexing of this directory. This will prevent search engine crawlers from making an index of your presentation files publicly searchable and viewable.

  • Apache: Include the "Options –Indexes" line in either the <directory> directive or in the .htaccess file stored in the directory.

  • Windows Server (IIS): See this page for instructions.

  • Nginx: See this page for instructions.