# Best Practices

#### 1. Managing Websites Efficiently

* SSL Health: Always use valid, unexpired SSL certificates and keep them up to date to ensure visitor trust and data encryption.
* Fast DNS Updates: Set your DNS record's TTL to 600 seconds or lower when making changes to ensure faster propagation and minimal downtime.
* Proactive Threat Defense: Regularly review and enable OWASP Top 10 settings in your Website Protection policies to stay protected against emerging threats.

#### 2. Configuring User Policies

* Principle of Least Privilege: Assign users to groups and apply policies that grant the minimum level of access necessary for them to perform their roles.
* Regular Audits: Periodically review your Device Control, URL Filtering, and Application Filtering settings to ensure they align with current business and security needs.
* Dynamic Policy Management: Update policies as organizational roles change or new applications are introduced to prevent outdated or overly permissive configurations.

#### 3. Secure Server Management

* Firewall Configuration: Ensure your server firewalls are configured to allow inbound/outbound connections to and from Osto's IP ranges for seamless access.
* Unique Credentials: Use unique access keys and credentials for each server and user combination to enhance security and simplify auditing.
* Log Monitoring: Regularly review access logs for your secure servers to identify and investigate any unauthorized or anomalous access attempts.
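
An added example (not Osto's code or log format) of how the unique-credentials and log-monitoring practices above work together: with one key per user and server pair, a log review can flag a key used outside the pair it was issued to, as well as repeated denials from one source. The log layout, key inventory, names and threshold are all assumptions constructed for illustration.

```python
from collections import Counter

# Constructed inventory (assumption): each access key is issued to exactly
# one (user, server) combination, as the "Unique Credentials" practice advises.
ISSUED = {
    "key-a1": ("alice", "db-01"),
    "key-a2": ("alice", "web-01"),
    "key-b1": ("bob", "db-01"),
}

# Constructed log lines in a hypothetical format, not Osto's:
# timestamp user server key_id source_ip result
SAMPLE_LOG = """\
2024-05-01T09:00:01Z alice db-01 key-a1 10.0.0.5 OK
2024-05-01T09:02:10Z bob db-01 key-b1 10.0.0.9 OK
2024-05-01T09:05:44Z alice web-01 key-a1 10.0.0.5 OK
2024-05-01T09:07:02Z carol db-01 key-b1 203.0.113.7 DENIED
2024-05-01T09:07:05Z dave db-01 key-zz 203.0.113.7 DENIED
2024-05-01T09:07:09Z bob db-01 key-b1 203.0.113.7 DENIED
2024-05-01T09:10:30Z alice web-01 key-a2 10.0.0.5 OK
"""

DENIED_THRESHOLD = 3  # assumed number of denials per source IP worth a look


def audit(log_text, issued=ISSUED, threshold=DENIED_THRESHOLD):
    """Return (line_number, finding) tuples for entries that need review."""
    findings, denied = [], Counter()
    for lineno, line in enumerate(log_text.splitlines(), 1):
        parts = line.split()
        if not parts:
            continue  # skip blank lines
        if len(parts) != 6:
            findings.append((lineno, "malformed"))  # never silently drop a line
            continue
        _ts, user, server, key, src, result = parts
        owner = issued.get(key)
        if owner is None:
            findings.append((lineno, "unknown-key"))   # key not in inventory
        elif owner != (user, server):
            findings.append((lineno, "key-mismatch"))  # shared or reused key
        if result == "DENIED":
            denied[src] += 1
            if denied[src] == threshold:  # report once, when threshold is hit
                findings.append((lineno, "repeated-denials"))
    return findings


if __name__ == "__main__":
    for lineno, finding in audit(SAMPLE_LOG):
        print(f"line {lineno}: {finding}")
```

The key-mismatch findings are only possible because no key is shared: once several users or servers use the same key, the log can no longer attribute an access to one pair.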

#### 4. Optimizing Threat Protection

* Strict Rate Limiting: Configure strict but realistic rate-limiting rules on your websites and APIs to block brute-force attempts and other volumetric attacks.
* Adaptive Bot Mitigation: Regularly review and update your bot mitigation settings to identify and block new and sophisticated automated attack patterns.
* Monitor for Anomalies: Use the dashboard and audit logs to actively monitor for unusual activity and address potential threats before they escalate.


