A newer version of this documentation is available.

View Latest

Security Best Practices

Security best practices consist of guidelines and tips to provide security features throughout the network.

Security is needed on the whole Couchbase infrastructure including the internal, perimeter, and outside network. It must be maintained and continually kept up-to-date to safeguard against malware and hackers.

You must enforce security throughout the network:

Inside Couchbase Server

Inside the server, security is safeguarded by:

To secure the host machine where Couchbase Server is installed, follow the security best practices and encrypt certain data locations with transparent data encryption technologies offered by 3rd party on-disk encryption software vendors such as:

  • Vormetric: clickto download more information.

  • SafeNet

  • Protegrity

Outside Couchbase Server

Outside the server, security is enforced by properly configuring IP tables and ports.

In applications

Security in applications is enforced by paying attention to client configuration cache and user input validation.

In the cloud

To enforce security in the Couchbase cloud, you must securely configure the Network Access Control Lists (ACLs) and security groups as well as Cross Datacenter Replication (XDCR).