By default, the only ports to be exposed to players / users are 80 (HTTP) and 443 (HTTPS).
DISE Server may bind to other ports if necessary.
Access to the web user interface using HTTPS/SSL is possible.
For hosted / local servers a certificate is needed.
Users need to provide username and password, as well as which network to log in to.
Passwords have a minimum length of 6 characters.
Passwords are stored in secure hashed+salted form in DISE Server.
It is possible to only allow user login for selected users from a fixed IP or IP range.
DISE Server automatically prevents multiple incorrect logins by first rejecting login for a set amount of minutes.
If the attempt subsequently fails, the account is locked, preventing further logins until a local or server administrator unlocks the account.
It is possible to restrict access to individual players, playlists etc in the web UI, for user groups or individual users.
Local or server administrators always have full access.
File & data security
Content file names are based on a checksum and will be checked by the player to prevent local modification.
Using DISE International AB's DISE Cloud solution (https://diseserver.net), files are stored on secure servers in Sweden.
The DISE Server license + player licenses are based on a unique ID as well as the hostname, so can never be hijacked or moved to another machine.
Player licenses are stored in encrypted form in DISE Server.