Note: please note that Liferay has renamed its Liferay Experience
Could offerings to Liferay SaaS (formerly LXC) and
Liferay PaaS (formerly LXC-SM).
Customer-Initiated Security Testing
When performance and/or penetration testing is performed, it can appear to Liferay that an attack is being executed against a customer environment.
Please observe the following policies regarding customer-initiated testing for Liferay SaaS below:
- Liferay SaaS Extensions environment: customers may conduct security penetration and stress testing.
-
Liferay SaaS DXP environment: customers are disallowed from running DoS (stress/load) testing. Customers may conduct security penetration testing only if:
- The customer has the Dedicated Resources add-on, AND
- They have prior approval from Liferay.
Please request approval for penetration testing at least 15 days in advance of the testing window. You can submit the request by opening a support ticket on Help Center and providing the following information:
- Time and duration of the test.
- Source IP addresses from which the testing will be executed.
- Target domains or IP addresses (scope).
- Test type(s).