Security Best Practices in Oracle APEX

In today’s digital landscape, security is paramount. Oracle Application Express (APEX) is a powerful low-code development platform that enables developers to build scalable, secure enterprise applications with minimal effort. However, like any web application platform, it requires diligent attention to security best practices to protect sensitive data and ensure compliance with industry standards.

This guide delves into the essential security measures every Oracle APEX developer and administrator should implement to safeguard their applications.

1. Understand the Security Architecture of Oracle APEX

Practical Guidelines:

• Familiarize Yourself with APEX Architecture: Oracle APEX operates entirely within the Oracle Database. Understanding this architecture is crucial for implementing effective security measures. Study how APEX handles web requests, session management, and how it interacts with database schemas.
• Learn About Workspace Isolation: Each APEX workspace is an isolated environment. Ensure that applications are assigned to appropriate workspaces, and that user access is limited to necessary workspaces only. Regularly review workspace configurations for any anomalies.
• Understand Parsing Schemas: A parsing schema is the database schema that an APEX application uses to parse and execute SQL and PL/SQL code. Use dedicated parsing schemas for each application to limit the scope of access and reduce potential vulnerabilities.
• Review APEX Roles and Privileges: Familiarize yourself with APEX-specific roles like APEX_ADMINISTRATOR_ROLE and APEX_PUBLIC_USER. Assign these roles carefully, ensuring that users have only the privileges they need.
• Study APEX Security Features: Dive into the APEX security mechanisms, including authentication schemes, authorization schemes, and session state protection. Understanding these features will enable you to configure them effectively.

2. Implement Strong Authentication Mechanisms

Practical Guidelines:

• Choose Appropriate Authentication Schemes:
  • Built-in Schemes: Use APEX’s built-in authentication schemes like Database Authentication, LDAP Directory, Social Sign-In, or Oracle Single Sign-On.
    • Navigate to Shared Components > Authentication Schemes.
    • Create or select an existing scheme that suits your needs.
  • Custom Schemes: If built-in schemes don’t meet your requirements, develop custom authentication schemes using PL/SQL.
    • Example:
    • CREATE OR REPLACE FUNCTION custom_authenticate(
        p_username IN VARCHAR2,
        p_password IN VARCHAR2
      ) RETURN BOOLEAN IS
      BEGIN
        — Custom authentication logic here
        RETURN TRUE; — or FALSE
      END;
• Enforce Strong Password Policies:
  • Use Oracle Database password profiles to enforce complexity, expiration, and reuse policies.
    • Example:
    • CREATE PROFILE secure_profile LIMIT
        PASSWORD_LIFE_TIME 90
        PASSWORD_REUSE_TIME 365
        PASSWORD_REUSE_MAX 5
        PASSWORD_VERIFY_FUNCTION verify_function;
      ALTER USER apex_user PROFILE secure_profile;
  • In APEX, go to Shared Components > Security Attributes and set password policies for application users.
• Implement Multi-Factor Authentication (MFA):
  • Integrate MFA through custom authentication schemes.
  • Use Oracle Identity Cloud Service (IDCS) or third-party providers like Authy or Duo.
  • Example:
    • After primary authentication, generate and send a one-time code.
    • Validate the code before granting access.
• Limit Login Attempts:
  • Use APEX login throttling to prevent brute-force attacks.
    • In Shared Components > Security Attributes, configure Maximum Login Failures.
    • Set up account lockout policies to temporarily disable accounts after repeated failures.
• Use HTTPS for Authentication Pages:
  • Ensure that login pages are only accessible over HTTPS to prevent credential interception.
  • Configure web server settings to enforce HTTPS connections.

3. Enforce the Principle of Least Privilege

Practical Guidelines:

• Define Specific Database Roles:
  • Create roles with specific privileges required for application functionality.
    • Example:
    • CREATE ROLE app_user_role;
      GRANT SELECT, INSERT, UPDATE ON app_schema.app_table TO app_user_role;
  • Assign roles to users or schemas as needed.
• Separate Schemas:
  • Use one schema for application objects and another for data objects.
    • This limits the exposure of data objects to application code only.
  • Example:
    • app_schema: Contains views, packages, and procedures.
    • data_schema: Contains tables and sensitive data.
• Restrict Public Access:
  • Revoke unnecessary privileges from the PUBLIC role.
    • Example:
    • REVOKE EXECUTE ON UTL_FILE FROM PUBLIC;
• Limit APEX User Privileges:
  • Ensure that the database user for APEX (APEX_PUBLIC_USER) has minimal required privileges.
  • Regularly review and audit user privileges.
• Use Definer’s Rights and Invoker’s Rights Appropriately:
  • Set PL/SQL units to use invoker’s rights (AUTHID CURRENT_USER) when necessary.
  • This allows code to execute with the privileges of the invoking user.

4. Validate and Sanitize User Inputs

Practical Guidelines:

• Implement APEX Validations:
  • Use APEX validations on page items to enforce input rules.
    • Navigate to the page item, click on Validation, and add server-side validations.
  • Examples:
    • SQL Expression Validation:
    • SELECT 1 FROM dual WHERE :P1_EMAIL LIKE ‘%@%.%’
    • PL/SQL Function Returning Boolean:
    • RETURN LENGTH(:P1_PASSWORD) >= 8;
• Use Regular Expressions:
  • Apply regular expressions to validate formats like email addresses, phone numbers, or IDs.
    • Example:
      • Email validation pattern:
      • ^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$
      • Apply this in a validation or as a constraint.
• Sanitize Inputs in PL/SQL:
  • Use the DBMS_ASSERT package to ensure inputs are safe before using them in dynamic SQL.
    • Examples:
    • v_table_name := DBMS_ASSERT.SIMPLE_SQL_NAME(:P1_TABLE_NAME);
• Implement Database Constraints:
  • Use CHECK constraints to enforce data integrity at the database level.
    • Example:
    • ALTER TABLE employees ADD CONSTRAINT chk_salary CHECK (salary > 0);
• Avoid Exposing Sensitive Data in URLs:
  • Do not pass sensitive information via GET parameters.
  • Use POST requests or session variables instead.

5. Protect Against SQL Injection

Practical Guidelines:

• Always Use Bind Variables:
  • Replace concatenated SQL strings with bind variables in both SQL and PL/SQL.
    • Example:
    • OPEN cursor_name FOR
        ‘SELECT * FROM employees WHERE department_id = :dept_id’ USING :P1_DEPT_ID;
• Limit Dynamic SQL:
  • Use static SQL whenever possible.
  • If dynamic SQL is unavoidable, ensure that inputs are validated and sanitized.
• Use Stored Procedures and Packages:
  • Encapsulate database operations in stored procedures.
  • This reduces direct SQL exposure and allows for centralized input validation.
• Leverage APEX Security Features:
  • Enable Session State Protection to prevent unauthorized manipulation of session items.
    • Go to Shared Components > Security Attributes and enable Session State Protection.
• Educate Developers:
  • Train your team on the risks of SQL injection.
  • Conduct code reviews focusing on SQL statements.

6. Mitigate Cross-Site Scripting (XSS)

Practical Guidelines:

• Enable Automatic Escaping:
  • In reports and forms, set columns and items to escape special characters.
    • For report columns, in the Column Attributes, set Escape Special Characters to Yes.
    • For page items, under Security, set Escape Special Characters to Yes.
• Use APEX Escape Functions in PL/SQL:
  • When outputting dynamic content, use functions like HTF.ESCAPE_SC or APEX_ESCAPE.HTML.
    • Example:
    • htp.p(APEX_ESCAPE.HTML(v_user_input));
• Implement Content Security Policy (CSP):
  • Add CSP headers to control resource loading.
    • In Shared Components > Security Attributes > HTTP Response Headers, add:
    • Content-Security-Policy: default-src ‘self’; script-src ‘self’;
• Avoid Inline Scripts and Styles:
  • Move inline JavaScript and CSS to external files or the application’s shared components.
  • This helps enforce CSP and reduces XSS risks.
• Validate Uploaded Files:
  • Check file types and scan for malicious content.
  • Restrict uploads to necessary file types (e.g., PDF, DOCX).

7. Use HTTPS and Secure Communication Channels

Practical Guidelines:

• Install SSL/TLS Certificates:
  • Obtain certificates from trusted Certificate Authorities.
  • Configure your web server (Apache, Nginx, ORDS) to use the certificates.
    • For ORDS with Jetty, update the jetty-https.xml configuration.
• Enforce HTTPS Connections:
  • Redirect all HTTP traffic to HTTPS.
    • In Apache:
    • RewriteEngine On
      RewriteCond %{HTTPS} !=on
      RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
• Set Secure Cookie Attributes:
  • In APEX, set cookies with the Secure and HttpOnly flags.
    • In Shared Components > Security Attributes, configure Cookie Attributes accordingly.
• Disable Weak Protocols:
  • Configure your server to support only TLS 1.2 or higher.
  • Disable SSL 2.0, SSL 3.0, and weak cipher suites.
• Use VPNs for Internal Access:
  • For administrative access or internal applications, use VPNs to secure connections.

8. Manage Sessions Securely

Practical Guidelines:

• Configure Session Timeout Values:
  • In Shared Components > Security Attributes > Session Management, set:
    • Maximum Session Length: Total duration a session can last.
    • Maximum Session Idle Time: Time after which an inactive session expires.
  • Example: Set idle time to 30 minutes and maximum length to 8 hours.
• Use Secure Session Cookies:
  • Ensure session cookies have the Secure and HttpOnly attributes.
  • Configure in Security Attributes under Cookie Attributes.
• Implement Logout Mechanism:
  • Provide a logout button or link that calls APEX_UTIL.LOGOUT.
    • Example URL:
    • f?p=&APP_ID.:1:&SESSION.:LOGOUT::::
• Prevent Session Fixation:
  • Ensure that session IDs are regenerated after login.
  • APEX handles this by default, but verify in custom authentication schemes.
• Enable Session State Protection:
  • Protect session state by setting items to Restricted where appropriate.
  • This prevents users from tampering with session variables via URL or form parameters.

9. Keep Oracle APEX and Database Updated

Practical Guidelines:

• Monitor Oracle Security Alerts:
  • Subscribe to Oracle’s Critical Patch Updates (CPU) notifications.
  • Regularly check the Oracle Security Alerts page.
• Schedule Regular Updates:
  • Plan maintenance windows for applying patches and updates.
  • Test updates in a non-production environment before rollout.
• Automate Update Processes:
  • Use tools like Oracle Enterprise Manager to automate patch deployment.
  • Maintain scripts for consistent update procedures.
• Update Dependencies:
  • Keep web servers, middleware (ORDS), and other components up to date.
  • Regularly update Java, if used, to the latest secure version.
• Document Update Procedures:
  • Maintain detailed documentation of update steps and configurations.
  • This ensures consistency and aids in troubleshooting.

10. Audit and Monitor Application Activity

Practical Guidelines:

• Enable Standard Auditing:
  • Use the AUDIT command to track activities.
    • Example:
    • AUDIT SELECT ON hr.employees BY ACCESS;
• Set Up Fine-Grained Auditing (FGA):
  • Define audit policies for sensitive operations.
    • Example:
    • BEGIN
        DBMS_FGA.ADD_POLICY(
          object_schema   => ‘HR’,
          object_name     => ‘EMPLOYEES’,
          policy_name     => ‘EMP_SELECT_POLICY’,
          audit_condition => ‘salary > 100000’,
          audit_column    => NULL
        );
      END;
• Monitor APEX-Specific Logs:
  • Use views like APEX_WORKSPACE_ACTIVITY_LOG and APEX_ACTIVITY_LOG.
  • Create reports or dashboards to visualize activity.
• Set Up Alerts and Notifications:
  • Use Oracle Enterprise Manager or custom scripts to notify administrators of unusual activities.
  • Examples:
    • Excessive failed login attempts.
    • Sudden spikes in data access.
• Regularly Review Logs:
  • Schedule routine checks of audit logs.
  • Look for patterns or anomalies that may indicate security issues.

11. Secure Configuration and Deployment

Practical Guidelines:

• Disable Unnecessary Features:
  • Turn off features not used by the application, like RESTful services if not needed.
  • In Workspace Administration, adjust feature settings.
• Configure Error Handling:
  • Use a custom error handling function to control error messages.
    • Go to Shared Components > Application Definition > Error Handling.
    • Example function:
    • FUNCTION error_handler (
        p_error IN apex_error.t_error
      ) RETURN apex_error.t_error_result IS
      BEGIN
        — Custom error processing
        RETURN apex_error.result;
      END;
• Secure File Upload Directories:
  • Ensure that directories used for file uploads are not web-accessible.
  • Use database BLOBs to store files when possible.
• Set Appropriate File and Directory Permissions:
  • Limit access to application files and directories.
  • On UNIX systems, set permissions using chmod and chown.
• Harden Web Server Configuration:
  • Remove default or sample pages.
  • Disable unnecessary modules.
  • Implement security headers:
    • X-Content-Type-Options: nosniff
    • X-Frame-Options: DENY
    • Referrer-Policy: no-referrer

12. Educate and Train Development Teams

Practical Guidelines:

• Conduct Regular Training Sessions:
  • Schedule workshops on topics like secure coding practices, APEX security features, and recent vulnerabilities.
• Develop Security Guidelines and Checklists:
  • Create documentation outlining best practices.
  • Use checklists during development and code reviews to ensure compliance.
• Encourage Knowledge Sharing:
  • Use internal forums or meetings to share security-related insights.
  • Discuss lessons learned from past incidents.
• Promote a Security Culture:
  • Encourage developers to think about security from the outset.
  • Recognize and reward proactive security efforts.
• Stay Updated on Security Trends:
  • Subscribe to security bulletins, blogs, and forums.
  • Participate in the APEX community to share and gain knowledge.

14. Conclusion

Securing Oracle APEX applications is a continuous process that involves a combination of best practices, regular updates, and vigilant monitoring. By implementing the strategies outlined in this guide, you can significantly enhance the security posture of your applications and protect sensitive data from potential threats.

Remember, security is everyone’s responsibility. Stay informed, stay vigilant, and prioritize security in every aspect of your Oracle APEX development lifecycle.

For further reading and official Oracle guidelines, refer to the Oracle APEX Security Guide.

If you have any questions or need professional assistance with securing your Oracle APEX applications, feel free to Contact Us.

Quality services and responsive professional support are the advantages I have with MaxAPEX. THANKS

Evariste BEDINADE

I can’t say enough good things about MaxAPEX, I’ve relied on their hosting services for several years now and they’ve simply never let me down. Whenever issues have arisen, their support team is always incredibly prompt and helpful in their responses. I use their services to manage a portfolio of cloud-based databases and apps, as well as some on-premise management too, and their affordable support has removed so much of the technical overheads and allowed me/my teams to focus on development. If you’re in the market for APEX hosting, simply look no further.

Ryan Byrne

Excellent service, high availability and very good price-value ratio. 100% recommended

Adolfo Blanco

Very nice company, excellent service, very good price-value ratio and amazing amazing support!

Andrei Racila

MaxAPEX Team is Always Ready and on the Time.

Hamzeh Lafi

Spectrum IT Solution

I have asked a lot from MaxAPEX this weekend but as always great work. There is only one Apex hosting company for me and that is MaxAPEX. great work!

Dimitri Lambrou

Feeby, Netherlands

I continue to be impressed by the always excellent support provided by MaxAPEX, thanks again.

Greg Anderson

OrbitQ Ltd, United Kingdom

I appreciate both the quickness and the proactive nature of how my MaxAPEX tickets are resolved. You clearly have a well qualified Oracle staff.

David Bradshaw

Thoroughbred Times, United States

I am always impressed by how much time your support team are prepared to spend on my problems. Well done, as usual!

Stewart Meyer

Natural Resources Wales, United Kingdom

Great. It is is so nice to work with someone who knows their stuff.

Michael J McCann

My American Address Inc, United States

Great response time and very to the point responses. very much appreciated.

Ajith Thomas

Datapoint Solutions Pty Ltd ATF The Thomas Family Trust, Australia

You guys are awesome! Thank you for always providing such wonderful speedy support.

Steve Cockeram

SASHF, South Africa

Gave a great answer and ticket could be closed immediately.

Jacques van der Merwe

Bioforum, South Africa

Excellent,
I always can depend on MaxAPEX for Super Fast Response and to the point response.

Patrick Corbin

Greenup Industries, United States

Excellent response time and got to the solution quickly. Thank you.

IT Service Desk

Skookum Contract Services, United States

Awesome, in a very short timeframe, my problem was resolved, even on Saturday night

Jo Van Eeghem

Solit, Belgium

As soon as I clarified which schema I was having trouble accessing, the connection information was sent to me with a screen shot of exactly how to set it up. Excellent!

Jason Hyler

Rockingham County Schools, United States

Great Job guys, app was working again not long after my request. Thanks

Clive Kellow

Young Control Systems, Australia

I was very satisfied with the way my request was handled in a very timely manner

Ken Robinson

Robinson Process Analytics Aust Pty Ltd, Australia

As always the support is great! Fast and efficient. Thanks with 5 *****

Peter Bachmann

Pebasoft GmbH, Switzerland

We really appreciate the quick and effective response to our issue.

Dan Bowden

Polk County, a political subdivision of the State of Florida, United States

Very quick and adequate response !
Great support, as ever with MaxAPEX.

Dave Maertens

1974, Belgium

Very prompt and to the point which is great, thanks.

Nick Blake

Softlogic, South Africa

The response was amazing! The problem was resolved within a very few minutes of opening the ticket.

Dan Bowden

Polk County, a political subdivision of the State of Florida, United States

Support on this ticket was excellent. The help on this ticket made me feel sure MaxAPEX was an excellent choice.

Dwain Craddock

Tubular Streams, Inc., United States

Quick response to my request, understood my issue and fixed it on the spot. Great work, thanks for your help

robert breuning

unisource solutions, United States

Outstanding response time! He handled this request quickly and completely.

Excellent support. Thank you

Dan Bowden

Polk County, a political subdivision of the State of Florida, United States

My query was well understood and was answered very fast and with all the clarity needed. As always, excellent service from MaxAPEX. Thank you!

Daniel Bosman

Mosberger EDV AG, Switzerland

Like always, your support is always best in class. I appreciate this.

Peter Bachmann

Pebasoft GmbH, Switzerland

Just did a great job – thanks. Please keep it up!

Paul Joyce

Self, Ireland

It was a easy task, but what I really appreciate is that the issue was solved in minutes. Keep on the good work!

Aljaž Mali

THE RIGHT THING Solutions, d.o.o.

It is solved now, very happy with the support. Keep up the good work.

Michel Gjaltema

Casiro, Netherlands

I think it is great how MaxAPEX responses to my tickets, even in the evening and during the weekends.

Harm Harmenzon

Burger Breedband, Netherlands

All of the guys provided great support for our server migration. We appreciate the hard work and dedication.

Mauro Juarez

Distribuidora Zucchi, Argentina

Team was able to provide me with solutions to my problem, of which i am very grateful for. Well done!

Babatunde Lasisi

FerraHub, South Africa

Great support, gave me information to fix a performance issue.

Pablo de Paola

Data4Lives, Brazil

We are very happy to using max apex hosting. they are support very nice and prompt. i recommend APEX user to use their hosting

Aaroz.com

Idea Infintiy BD Limited, Bangladesh

MaxAPEX support is very good. I have never experienced a situation where they have not been able to help or where the work was not completed very quickly.

Richard Pickett

United Kingdom

Excellent service, full cooperation of support staff and good cloud performance.

Dario

Giesse software, Italy

In mid-2013 I started looking for a hosting service that could house my project of serving small businesses with specialized system solutions developed on Oracle Apex that meet the need of this market share. I found Maxapex and since then we have established this partnership with excellent cost benefit and high quality services available. Thank you Maxapex for the excellent services provided over these 6 years.

Luiz Sabenca

Prismus Systems, Brazil

I’m glad I decided to work with you. I never have any problem at all. Thanks so much for doing a great job!

Gordana Bobinac

IT-Apex4u, Serbia

I Have been using Maxapex Service since couple of years. The most thing that attracted me, their instance support and response at any time. Hope to continue this support in future in more improve way.

Vobon, Bangladesh

We appreciate the incredible support MAXAPEX team have provided for us.
We got help with things like that linux configuration, establishing odbc connection that are not strictly related to server hosting. This is the best value for money service on this area.

David Pataki

Enrol Consulting Kft, Hungary

Maxapex is the perfect choice for hosting Oracle Apex. The support service is speedy and responsive. We did not have a situation where they could not help. You can quickly change your tariff plan to the most suitable one. Server uptime is excellent. We did not have a situation when our business was suspended.

Ed Zakabluk

Technosvit, Ukraine

MaxAPEX , really facilitate my start with apex by making it Jump , the team is very helpful and understanding people , ‘I’ve passed more than 3 years with max apex and i feel happy with their support and their services

Haythem Mousa

Smart Orbits, United Arab Emirates

Hi, my name is Roberto Párraga. I’m developer in Oracle Apex with Oracle Database XE.
My expririence with MaxAPEX is successfully, because helpme to developer and deploy successfully my applications.
The technical support is excellent because my questions got quicly responses.
The stability of the hosting service and the continuous it’s wanderfull, 24/7.
In abstract, I recommend MaxAPEX Hosting for deploy applications developed in Oracle ApeX.

ROBERTO ANTONIO PATRRAGA ZAMBRANO

MONSERRATE ALAVA DE GONZÁLEZ, Ecuador

We found MaxAPEX’s technical support team very cooperative, quick & responsive. Hosting services are very much reliable, we never even think about switching to another company.

Ahmed Bilal

Orbit Systems, Pakistan

We have been using Oracle APEX hosting from MaxAPEX for almost 7 years now. I can recommend it as the service, level of expertise and support is really good. We host several Apex web applications with MaxAPEX for our customers that are mainly schools. The users and schools are depending on our Apex Apps with MaxAPEX to execute quality checks which are needed by the Ducth law. An other web app helps teachers during class to track, help and administrate students. As you can imagine it is very important for us that the MaxAPEX servers are fast and reliable which they are. Keep up the good work MaxAPEX.

Michel

Feeby, Netherland

One of the best oracle apex hosting i have ever used. You guys rock, very fast and active when it comes to ticket solving. Keeo up the good work. I have recomended to many Colleagues and customer about maxapex.

Mark Trading Kuwait

B2IK, Kuwait

We looked for a company who offers APEX hosting about 2 years ago. We found MaxAPEX and were suprised about the portfolio and the pricing. So we started to use their platform with our CRM system developed on Oracle APEX.
We rate the availability, the update policy and the speed/quality of the support with five stars.
Thank you very much!
Steven Ponndorf

Steven Ponndorf

Harmonyliving, Germany

Excellent company!

Great service! are fast and efficient … Congratulations!

Denis Araujo

DESOSP SERVIÇOS EM INFORMATICA, BRAZIL

I am a MaxAPEX customer for several years now. My company inventory, stock control and invoicing system done using Oracle APEX is hosted with MaxAPEX. These guys have the best support system and a very reliable up-time. Every upgrade and maintenance is always notified in advance, so our IT team is aware to let the other team members know. My 10/10 recommendation goes to MaxAPEX!!!

Shaminda Samaratunge

Ananda Miners (Pvt) Ltd, Sri Lanka

I have been using MaxAPex for several years, in various configurations (shared, dedicated etc) and I have never had any issues with the serivce. Further, I find the support very responsive and very good. I have no issues with using MaxAPEX as a platform for my live customers. Using this service just takes away so much Oracle Admin headache etc. I would highly recommend MaxAPEX as a hosting partner for any Apex Applications.

Paul Joyce

Ireland

As part of a volunteer organisation, I was looking for a service to help solve a big problem for us which was the hours of admin involved in running a local community centre. Services are affordable and scalable and responses to my questions were swift and the support team have been amazing in helping me get what I needed. Upgrades are managed and as an Oracle partner, these guys ensure we are running the latest and greatest and soon as it’s available. Overall I have been very happy with performance too as well as the option to host within the UK. I have managed in a very short time to release an app to our community where most of the admin is now done by them, we’ve set up over 800 events this year, cut invoicing down from one day to 15 mins per quarter and automated several other processes. We have integrated with Stripe and Twilio too!

Adam Howard

The Parks Community Association, United Kingdom

We have been working with MAXAPEX for approximately 5 years. We have 3 mission critical applications operating in their infrastructure. The service offered by MAXAPEX has been optimal for our needs, and has allowed us to grow as we have required. Their support is excellent, and has allowed us to really concentrate on satisfying the needs of our business.

Juan Carlos Garcia Iza

Macrotics SAS, Colombia

I have used MaxAPEX for over ten years now and found them to be both practical and extremely reliable. Equally impressive is their competent and timely response to my occasional questions and service tickets.

As an APEX developer, having full control of an entire Oracle XE instance gives me lots of options and because it is professionally supported by MaxAPEX I never have to worry about Oracle upgrades or new versions. I also appreciate the fact that it is physically located in a data center with fast Internet access both in and out. This is something a small company like mine cannot easily do on our own.

Thanks, MaxAPEX, for providing this valuable service at a cost I can afford.

Tony

Konoso LLC, USA

I have been a MaxAPEX customer since 2015. It is a very stable, reliable, and fast platform. The support is excellent and very timely. It is always updated to the latest versions. In MaxAPEX we have hosted all our systems and we are extremely satisfied, I highly recommend them.

Adolfo Blanco

BLEICO, C.A, Venezuela