Skip to main content

Security

This section covers security configuration for your Mango deployment, including user and role management, API rate limiting, Content Security Policy headers, and Linux-specific hardening measures.

Pages

Users and Permissions

Manage users, assign roles, and configure granular permissions for data point read/set access, data source management, and system-level operations. Covers the role-based permission model and bulk permission editing.

Content Security Policy

Configure Content Security Policy (CSP) headers to mitigate cross-site scripting and data injection attacks. Includes settings for both the modern UI and the legacy UI with examples for common third-party integrations.

Request Rate Limiting

Protect your Mango instance from denial-of-service attacks by configuring per-IP and per-user rate limits on REST API requests and authentication attempts.

Linux Security

Harden your Linux deployment by running Mango as a non-root user and configuring iptables rules to redirect privileged ports (80/443) to Mango's unprivileged ports (8080/8443).